Microsoft Working On "Serious" Flaw Affecting Internet Explorer 6 & 7

Microsoft is rushing to release a security patch to address critical vulnerabilities in IE6 and IE7 that could enable hackers to dump malicious codes into victim’s computer and seize control over the system’s resources, it has been reported.

Incidentally, the software maker informed about the IE6 and IE7 security vulnerabilities with the advisory released with its customary Patch Tuesday last week. Just within a day’s time, an Israeli researcher, named Moshe Ben Abu, released the exploit code for the security hole.

This eventually has caused the software company to scramble and start the testing procedure of the security patch to plug the security hole.

Jerry Bryant, senior manager of security communications at Microsoft, wrote in an official blog post: “We have seen speculation that Microsoft might release an update for this issue out of band. I can tell you that we are working hard to produce an update which is now in testing”.

Besides, Bryant didn’t rule out the possibility of Microsoft launching an out-of-cycle security patch to address the issue with immediate effect.

Along the same line, he wrote: “We never rule out the possibility of an out-of-band update. When the update is ready for broad distribution, we will make that decision based on customer needs.”

Our Comments

Another week, yet another Microsoft vulnerability uncovered. It is likely that Microsoft will release an out of band patch to solve the issue, especially in attacks in the wild become more common.

Related Links

IE Attacks Circulate as Microsoft Updates Advisory

(eWeek)

Microsoft working to patch serious Internet Explorer 6, 7 flaw

(Afterdawn)

Microsoft races to plug IE hole after exploit code released

(CNet)

Microsoft hustles on IE patch, tests fix

(Computerworld)