Security update: Microsoft issues an out-of-band security update to protect against current Internet Explorer vulnerability
22 January, 2010 | Sydney, Australia
Microsoft has today issued an out-of-band security update to help protect our customers against the recently discovered Internet Explorer vulnerability. Microsoft takes the decision to conduct an out-of-band update very seriously given the impact to customers, but we believe that this is the right decision to keep people protected.
Microsoft recommends customers install the update immediately. For customers using Automatic Updates, this update will be automatically applied. As such we also urge customers to switch Automatic Updates on to ensure they receive the security update. Once the update is applied, customers will be protected against the known attacks that have been reported.
In addition, Microsoft strongly recommends customers who are using Internet Explorer 6 or 7 upgrade to Internet Explorer 8 (IE8) to help mitigate the current security vulnerability. IE8 can be downloaded from www.microsoft.com/australia/windows/internet-explorer/
Microsoft also Microsoft also recommends that customers using Windows XP SP2 upgrade to Windows XP SP3.
Customers using Internet Explorer 8 are not affected by currently known attacks and exploits due to the improved security protections provided in IE8. Moreover, Microsoft is only seeing a very limited number of targeted attacks against a small subset of corporations and the attacks that we have seen to date are only effective against Internet Explorer 6. We are not seeing any widespread attacks and thus far we are not seeing attacks focused on consumers. That said, we remain vigilant about this threat evolving and want to be sure our customers take appropriate action to protect themselves.
It is important to note that all software has vulnerabilities and switching browsers in an attempt to protect against this one, highly publicized, but currently limited attack can inadvertently create some false sense of security. Moreover, IE8 has other built-in security protections, such as the SmartScreen filter, that other browsers do not have that protect against real consumer threats, such as socially engineered malware and phishing attacks.
For more information or to conduct an interview, please contact:
Rudolf Wagenaar
Howorth
02 8281 3879
Ben Tan
Microsoft Australia
0418 488 827
Tags: security, privacy, vulnerability, Internet Explorer, IE8
