Microsoft fixes Internet Explorer hole used in attack

22 Jan 2010

Microsoft issued a cumulative critical patch for its Internet Explorer browser yesterday that fixes eight vulnerabilities.

The vulnerabilities include a hole that had been targeted in the China-based attacks on Google and other American companies.

The security update is rated ‘critical’ for all supported releases of Internet Explorer 5, 6, 7 and 8, according to an advisory. The more severe vulnerabilities could allow remote code execution if a user views a malicious web page using Internet Explorer, it said.

This IE security update had already been planned to be released on the next Patch Tuesday (9 February), Jerry Bryant, senior security program manager at Microsoft, said in a blog post.

Microsoft usually releases patches on the second Tuesday of each month.