Microsoft to Release Out-of-Band Patch for IE Bug

For the second month in a row, Microsoft is releasing another out-of-band patch to address the much-exploited zero-day vulnerability in Internet Explorer. The browser bug – a flaw in the data-binding function of IE – prominently featured in the following massive cybercriminal threats:

An online games information-stealing operation that seemed to be targeting Chinese [...]

December 17th, 2008 | Tags: , | Category: Malware | Leave a comment

Thousands of legitimate sites SQL injected to serve IE exploit

Once again confirming the trend of having more legitimate sites serving exploits and malware than purely malicious ones, Chinese hackers have been keeping themselves busy during the last couple of days, launching massive SQL injection attacks affecting over 100,000 web sites. The SQL injection attacks serving the just patched Internet Explorer XML parsing exploit, [...]

December 17th, 2008 | Tags: , , , | Category: General | Leave a comment

Firefox joins security patch day treadmill

Mozilla is joining Microsoft and Opera on the browser patching treadmill. The open-source group has rolled out the final security fix for the Firefox 2 branch and a new version of Firefox 3 to plug about a dozen security holes that could lead to remote code execution attacks, browser crashes and information disclosure issues.

[...]

December 17th, 2008 | Tags: | Category: General | Leave a comment

Microsoft’s incredible IE patch turnaround

Guest post by Eric Schultze Microsoft’s latest Internet Explorer out-of-band patch release needs to be installed right away.  The number of infected websites is growing at an alarming rate — even people visiting legitimate websites are getting hacked with this exploit. Patch it now – just do it.  Why did this come out as an [...]

December 17th, 2008 | Tags: , | Category: General | Leave a comment