/>
X
Business

Microsoft set to release critical IE patch today

Microsoft is issuing on January 21 an out-of-band (meaning, not tied to a regular Patch Tuesday) fix for the Internet Explorer security breach that affected Google and other companies in China. Microsoft plans to make the fix, designated as "critical," available as close to 10 a.m. PST as possible, officials said.
Written by Mary Jo Foley, Senior Contributing Editor on

Microsoft is issuing on January 21 an out-of-band (meaning, not tied to a regular Patch Tuesday) fix for the Internet Explorer security breach that affected Google and other companies in China. Microsoft plans to make the fix, designated as "critical," available as close to 10 a.m. PST as possible, officials said.

Update (9 a.m. PT): The patch is out. Steven Bink of Bink.nu fame, has links to all the various versions available for download.

While Microsoft officials say the "only successful attacks" have been against customers running IE6, the fix also applies to IE7 and IE8.

Here's the official word, via a Microsoft spokesperson:

"(W)e will be releasing MS10-002  (on) January 21, 2010. We are planning to release the update as close to 10:00 a.m. PST as possible. This is a standard cumulative update, accelerated from our regularly scheduled February release, for Internet Explorer with an aggregate severity rating of Critical. It addresses the vulnerability related to recent attacks against Google and a small subset of corporations, as well as several other vulnerabilities. Once applied, customers are protected against the known attacks that have been widely publicized. We recommend that customers install the update as soon as it is available. For customers using automatic updates, this update will automatically be applied once it is released."

Microsoft also updated Security Advisory 979352 to include information about additional products that may be affected by this vulnerability and guidance related to reports of proof of concept (POC) code that bypasses Data Encryption Protection (DEP), the spokesperson said.

My blogging colleagues Ed Bott and Ryan Naraine have been covering this issue in more depth over the past few days, for those who want more information and background.

Editorial standards

Related

The 16 best Cyber Monday deals under $30 still available
Amazon Fire TV Stick 4K

The 16 best Cyber Monday deals under $30 still available

Apple names the 16 best apps and games of 2022, with BeReal taking top honors
App Store icon

Apple names the 16 best apps and games of 2022, with BeReal taking top honors

Don't miss the 98 best Cyber Monday deals still available now
Large white Cyber Monday text with electronics behind it

Don't miss the 98 best Cyber Monday deals still available now