Microsoft Issues Patch for IE Zero-Day Flaw

True to its word, Microsoft has issued the “out-of-band” security patch to address vulnerabilities in Internet Explorer 6 (IE6) and IE7. That means that the company felt the threat was serious enough that it needed to act ahead of its usual monthly Patch Tuesday event.

eSecurity Planet has the details on Microsoft’s IE patch, which the company raced to deliver after a hacker released a Metasploit module detailing the vulnerability.

Microsoft released an “out-of-band patch” for a security vulnerability in Internet Explorer 6 (IE6) and 7 (IE7) that the company had warned users about earlier this month.

The move marks an urgent response to a bug that’s already being actively exploited in the wild, although Microsoft (NASDAQ: MSFT) said those attacks have been limited, making it a so-called zero-day vulnerability. Typically, Microsoft addresses security fixes only through its regular “Patch Tuesday” roundup of monthly updates.

Microsoft provided systems administrators with advance notice of the pending patch release on Monday.

Read the full story at eSecurity Planet:

Microsoft Issues Out-of-Band Internet Explorer Security Patch

News Around the Web