SOFTWARE INSECURITY SISYPHUS Microsoft has released an out-of-cycle patch for users lazy or ignorant enough to still be using an old version of Internet Explorer.
It's generally rare that threats are deemed serious enough for Microsoft to not wait until its next Patch Tuesday, which would be April 13th now, but a vulnerability hit Internet Explorer 6 and 7 that left them open to potential remote code execution.
Microsoft said, "The vulnerability exists due to an invalid pointer reference being used within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted."
Microsoft became aware of targeted attacks and has issued the emergency patch, recommending that users install the update as soon as possible.
Even Internet Explorer 8 users will need to apply this patch, because the company is including fixes for nine other vulnerabilities that likely would have waited until Patch Tuesday but instead will be fixed now.
It's just a fact of life now that all web browsers have to patch against the latest threat, and Microsoft, with a still dominant though shrinking market share, is of course the biggest target. µ
You can't fault them for speed
Investigation reveals that malicious code was injected into the firm's payment page
Plus the three-for-free
And it's not just on Ubuntu, neither