Found this on Canada -dot- com
===============================================
Thursday » December 18 » 2008
Microsoft releases emergency patch for perilous IE flaw
AFP
Tuesday, December 16, 2008
SAN FRANCISCO – Microsoft has released an emergency patch to fix a perilous software flaw allowing hackers to hijack Internet Explorer browsers and take over computers.
The U.S. software giant said Tuesday that in response to “the threat to customers” it immediately mobilized security engineering teams worldwide to deliver a software cure “in the unprecedented time of eight days.”
The patch is available at microsoft.com/technet/securi … 8-078.mspx
Researchers at software security firm Trend Micro say attacks based on the vulnerability in the world’s most popular Web browser are “spreading like wildfire” with millions of computers already compromised.
Microsoft typically releases patches for its software on the second Tuesday of each month and rushing this fix to computer users out-of-cycle is testimony to the severe danger of the threat, according to Trend Micro.
“When the patch is released people should run, not walk, to get it installed,” said Trend Micro advanced threat researcher Paul Ferguson.
“This vulnerability is being actively exploited by cyber-criminals and getting worse every day.”
Trend Micro has identified about 10,000 websites that have been infected with malicious software that can be surreptitiously slipped into visitors’ unprotected IE browsers to take advantage of the flaw.
Hackers can take control of infected computers, steal data, redirect browsers to dubious websites, and use machines for devious activities such as attacks on other networks, according to security specialists.
“What makes this so insidious it takes advantage of a big gaping hole of IE, which has the largest install base of any browser on the market,” Ferguson said.
IE is used on nearly three-quarters of the world’s computers, according to industry statistics from November.
===============================================
You can scroll down on this page and download the appropriate patch matching your system, here:
microsoft.com/technet/securi … 8-078.mspx
If you don’t know which Internet Explorer version and specks you have, open your IE browser, click on “help” followed by “About Internet Explorer”. Your version should be there as well as any Service Pak you may have additionally installed.