Microsoft to patch critical IE bug on April 11

Posted on Tuesday, March 28 2006 @ 17:18 CEST by Thomas De Maesschalck
Microsoft says it may take until April 11 before a patch will be available to fix a recently discovered critical security flaw.
The bug, which concerns the way IE processes Web pages using the createTextRange() method, is now being exploited by attackers on hundreds of malicious Web sites (see "Update: Microsoft tests fix for IE bug as exploits appear"). Users who might be tricked into visiting these Web sites could have unauthorized software installed on their computers, security experts warn.

Though Microsoft has described these attacks as "limited" in scope, the problem is being taken seriously by the software giant because the exploits can be used to seize control of a user's machine.
More details at Computer World.

Loading Comments