Microsoft Releasing out of Cycle Patch for Internet Explorer Exploit
Take a look at the official announcement. They’ve moved outside the usual update cycle for this one. VERY good move Microsoft to get this patch in before the holidays as it looks as though there’s been a spike in the use of this particular exploit and with people doing a lot of home pc browsing over the next two weeks, hopefully they can have a patched Internet Explorer to browse with. These are one more good reason to have an alternative browser such as firefox installed “just in case”. That’s not to say that Firefox is immune to all such security issues, but it is targeted less frequently and perhaps most importantly by DIFFERENT things than Explorer is targeted by. (I should note that version 3.0.5 of firefox is out to address it’s own list of issues.)
By the way, this Internet Explorer vulnerability is listed as critical for Internet Explorer 5.01 on NT SP4, for Internet Explorer 6 on NT SP4 as well as pretty much every combination of Internet Explorer 6 or Explorer 7 on XP, Server 2003, Vista or Server 2008 AND those using Internet Explorer 8 beta 2 users are encouraged to update to a new release as well. In other words IF you use any currently supported version of Internet Explorer on any currently supported version of Windows you need to make sure this update installs.