New Microsoft patch fixes zero day exploit

Last week we reported that Microsoft was issuing fixes on its 'Patch Tuesday' for  vulnerabilities in Windows and Office, but a permanent fix for the latest bug in older versions of Internet Explorer – a so-called zero-day exploit – was not included. This potentially left users of Internet Explorer 6, 7, and 8 vulnerable to attackers gaining control of Windows computers to host malicious websites.

For information and advice on updating Windows, click here

Therefore, we recommend that if you use Internet Explorer in pre-Version 9, make the update as soon as you're prompted, as Microsoft deem the vulnerability as 'critical' … in other words: "Critical: a vulnerability whose exploitation could allow code execution without user interaction. These scenarios include self-propagating malware (e.g. network worms), or unavoidable common use scenarios where code execution occurs without warnings or prompts. This could mean browsing to a web page or opening email."


Written by

In partnership with