Internet Explorer 960714 is released

Published: 2008-12-17. Last Updated: 2008-12-17 22:56:36 UTC
by donald smith (Version: 1)
2 comment(s)

The Microsoft Security Bulletin MS08-078 - Critical
Security Update for Internet Explorer (960714) is available now. We covered this issue in several recent diaries.

http://isc.sans.org/diary.html?storyid=5497

http://isc.sans.org/diary.html?storyid=5479

http://isc.sans.org/diary.html?storyid=5458

http://isc.sans.org/diary.html?storyid=5464

http://isc.sans.org/diary.html?storyid=5503
Here is the link to the advisory.
http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx
As previously noted this is a critical update for IE 5.0.1, IE 6,
IE 6 SP1, IE 7 and IE 8 Beta 2. It is being exploited in the wild. It is being distributed via SQL injection.

So get your patches asap.

UPDATE

Just in case it wasn't obvious to everyone. ChrisM wrote in and reminded us that:
"The emergency IE patch that came out today (MS08-078), DOES NOT replace the IE security patch that came out earlier this month (MS08-073). Both of these patches have to be installed to make IE "secure"."

Keywords: Internet Explorer patch released
2 comment(s)

Comments

\"It is being distributed via SQL injection.\"? Hopefully you mean, it is being exploited by SQL injection and distributed via Windows Update?

HPip

Dec 17th 2008
1 decade ago

Both of these patches have to be installed to make IE 'secure'"... Nothing will make IE 'secure' - these patches simply address the latest known vulnerabilities. No amount of patching will ever make a system and/or network 'secure'

Lee

Dec 18th 2008
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives