Microsoft hole opened Google to China hack

Microsoft has posted a security advisory for what is suspected to be the gaping hole in Internet Explorer which allowed Chinese hacker's into Google's system, sparking a row between the Internet search giant and the Chinese government.

A Technet posting points to a vulnerability in Exploder which could allow remote code execution.

Microsoft says, "Our investigation so far has shown that Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4 is not affected, and that Internet Explorer 6 Service Pack 1 on Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are affected.

"At this time, we are aware of limited, active attacks attempting to use this vulnerability against Internet Explorer 6. We have not seen attacks against other affected versions of Internet Explorer. We will continue to monitor the threat environment and update this advisory if this situation changes.

"On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs."