Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Internet Explorer 960714 is released

Published: 2008-12-17
Last Updated: 2008-12-17 22:56:36 UTC
by donald smith (Version: 1)
2 comment(s)

The Microsoft Security Bulletin MS08-078 - Critical
Security Update for Internet Explorer (960714) is available now. We covered this issue in several recent diaries.

http://isc.sans.org/diary.html?storyid=5497

http://isc.sans.org/diary.html?storyid=5479

http://isc.sans.org/diary.html?storyid=5458

http://isc.sans.org/diary.html?storyid=5464

http://isc.sans.org/diary.html?storyid=5503
Here is the link to the advisory.
http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx
As previously noted this is a critical update for IE 5.0.1, IE 6,
IE 6 SP1, IE 7 and IE 8 Beta 2. It is being exploited in the wild. It is being distributed via SQL injection.

So get your patches asap.

UPDATE

Just in case it wasn't obvious to everyone. ChrisM wrote in and reminded us that:
"The emergency IE patch that came out today (MS08-078), DOES NOT replace the IE security patch that came out earlier this month (MS08-073). Both of these patches have to be installed to make IE "secure"."

2 comment(s)
Diary Archives