Emergency IE update patches 10 critical security holes

March 30th, 2010

Emergency IE update patches 10 critical security holes

Posted by Ryan Naraine @ 1:26 pm

http://blogs.zdnet.com/security/?p=5955&tag=nl.e019

Microsoft today shipped a cumulative Internet Explorer update with patches for 10 security holes, including a drive-by download vulnerability that’s already being used in malware attacks.

The critical MS08-018 update patches security holes that could lead to code execution attacks on all versions of Microsoft’s flagship browser, including the newest Internet Explorer 8.

From the bulletin:

The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

The patch comes a full three weeks after the appearance of targeted drive-by download attacks that dropped a backdoor on a hijacked Windows computer.

The backdoor allowed an attacker to perform various functions on the compromised system, including uploading and downloading files, executing files, and terminating running processes.

[ SEE: New Microsoft IE zero-day flaw under attack ]

This chart from the MSRC blog provides a simplified view of the ten vulnerabilities and their aggregate severity on Internet Explorer 6, 7, and 8:

* CVE-2010-0806 vulnerability under active attack.

Please keep  your systems patched

Read and post comments | Send to a friend

Advertisements

About skicat56

Snow Sports Industry veteran – Husband – Father – Network IT Ninja & Former Powncer. Old enough to know better but young enough to start a new career.
This entry was posted in Microsoft, Security, Software and tagged , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s