Microsoft preparing fix for critical IE flaw

Posted on Saturday, December 03 2005 @ 1:07 CET by Thomas De Maesschalck
Microsoft is said to be preparing the launch of an out-of-cycle patch for Internet Explorer to fix a critical security flaw.
Microsoft late Tuesday updated its security advisory to confirm it was aware of a zero-day exploit and a drive-by malware attack targeting the unpatched vulnerability.

Alex Eckelberry, president of anti-spyware vendor Sunbelt Software, said his company first detected the drive-by downloads earlier this week and reported its findings to Microsoft.

"This is a pretty nasty exploit. You just have to visit the [malicious] site and your computer gets hosed. It's dropping a Trojan downloader that takes control of the victim's machine," Eckelberry said in an interview.
More info over here.

Loading Comments