Microsoft Issues Out Of Cycle Patch For Internet Explorer

Microsoft has hurriedly released a cumulative critical patch for Internet Explorer that irons out eight vulnerabilities including the one that was apparently used by Chinese hackers to attack Google and a number of other companies worldwide.

The eight flaws are described in a Microsoft security bulletin, MS10-002, and has been labelled as critical by the company.

They include an XSS filter bypass, four uninitialised memory corruption vulnerabilities, a URL validation vulnerability as well as a pair of HTML object memory corruption weakness.

All recent Microsoft browsers, from Internet Explorer 5.01 to Internet Explorer 8 are affected. Even obscure platforms like Windows Server 2008 for Itanium-based Systems will need to be patched.

The update is targeted at all customers that use any recent Windows operating system coupled as well as Internet Explorer. Even if you don't use Internet Explorer as your main browser, it is advisable to install the patch for peace of mind.

Those on automatic updates will get it automatically once it is released. Microsoft confirmed that it already knew about the problem and had initially planned to release the patch in its monthly "Patch Tuesday" session.

Arguably though, mounting pressures from a number of entities, including the French and German government, convinced Microsoft to think otherwise and proceed to the roll out earlier.