Microsoft has issued a rare “off-schedule” security patch for its internet explorer browser versions 5,6,7. The patch tagged “critical” is only the third such patch issued by Microsoft in as many number of years. The patch has been released to fix the “zero day” flaw which has been recently discovered in the browser. The problem, which arose because of a weak data binding system leaving a hole in the memory leaving it open to attacks by remote hackers. The flaw has been widely publicized and used to great effect by hackers. Unlike in the past, hackers have only to direct users to a malicious site and without the user even downloading anything Trojans are placed on the computer which then record keystrokes enabling access from email or game passwords to credit card numbers.
The KB960714 is available on the Microsoft website and is part of the MS08-078 security bulletin. The patch prevents third party attacks using the above mentioned technique and returns the full protection for passwords and other sensitive information.
Along with Microsoft, mozilla has also issued an update for its firefox browser in light of the vulnerability that it is also facing. An estimated 2 million computers have been affected by the “Zero Day” flaw according to PC magazine.
Sign up to our RSS feed at TheTechnologyBlog.net