Information Security News mailing list archives
Microsoft delivers emergency patch for under-attack IE
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 20 Dec 2018 07:02:12 +0000 (UTC)
https://www.computerworld.com/article/3329717/microsoft-windows/microsoft-delivers-emergency-patch-for-under-attack-ie.html By Gregg Keizer Senior Reporter Computerworld Dec 19, 2018Microsoft rarely mentions Internet Explorer (IE) anymore, but when it does, it usually means bad news.
So it was Wednesday, when Microsoft issued a rare emergency security update to plug a critical vulnerability in the still-supported IE9, IE10 and IE11. The flaw was reported to Microsoft by Google security engineer Clement Lecigne.
According to Microsoft, attackers are already exploiting the vulnerability, making it a classic "zero-day" bug. Because of that, the company released a fix before the next round of security updates scheduled for Jan. 8.
The update was issued to Windows 7, 8.1 and 10 - the latter with patches for versions 1607 and later - as well as Windows Server 2008, 2012, 2016 and 2019. (Updates for some versions of Windows 10 - 1607 and 1703 - were available only to Windows 10 Enterprise and Windows 10 Education.)
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Microsoft delivers emergency patch for under-attack IE InfoSec News (Dec 19)