informa
Commentary

ALERT: Emergency Explorer Patch From Microsoft Tomorrow

Tomorrow, Microsoft will be releasing an off-cycle emergency patch for the Internet Explorer vulnerability that has infected more than a million machines worldwide.
Tomorrow, Microsoft will be releasing an off-cycle emergency patch for the Internet Explorer vulnerability that has infected more than a million machines worldwide.The rare special release of a patch (what Microsoft calls "out of band") indicates just how serious the Explorer vulnerability is, and just how seriously Microsoft takes it.

The company's virtual cascade of updated advisories and bulletins since the problem was acknowledged on Saturday has matched the march of exploits mounted against the Explorer hole; as early as Saturday Microsoft was warning that 1 in 500 Explorer users might have been exposed to the problem.

The latest serves notice that Microsoft intends (their word) to release the patch tomorrow, as well as offering webcasts about the patch and the problem. (Registration info for tomorrow's webcast is here.)

This can't come soon enough; some security companies are estimating that 20,000 Web pages a day are being added to the number of infected sites, most of them legitimate, spreading the infection to even more machines.

Microsoft's intent to release the patch tomorrow is comforting, but tomorrow is still a ways off, and until the patch is out and proven, I don't intend to run Internet Explorer, and recommend that you don't either.

Recommended Reading: