Microsoft patches critical IE flaws

Microsoft on Friday issued a patch to fix three vulnerabilities in Internet Explorer web browser that it rated as critical.

The company urged customers to apply the patch, which was released ahead of Microsoft's regular monthly update schedule, due to the severity of the flaws. All of the vulnerabilities could allow an attacker to take over system.


One of the flaws opened the door to last month's Download.Ject attack, which downloaded a Trojan horse to a computer visiting a web site hosted on a server infected with the malware. The Trojan could monitor internet use to snatch confidential information.


The recent security problems with Internet Explorer has led at least two banks to switch to the Mozilla browser, Matt Caldwell, CSO, GuardedNet, a provider of enterprise security management products, said in an interview at the Black Hat Briefings held last week in Las Vegas.


Vincent Weafer, senior director at Symantec Security Response, said during a Symantec breakfast meeting about online fraud at Black Hat that customers have asked him if they should switch from Internet Explorer to Mozilla. "My advice is no," he said, explaining that Mozilla also has security issues.


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.