As I wrote yesterday, Microsoft on Wednesday released an emergency patch for the zero-day* vulnerability, KB960714, that affects all versions of Internet Explorer since 5.01.
The patch is available via Windows Update, or can be downloaded for your specific IE version and OS from this page. It should be noted that there doesn't appear to be a download on that for the Internet Explorer 8 Beta 2, but that version is vulnerable, and the fix can be picked up via Windows Update, Microsoft says.
Last weekend Microsoft indicated it had seen an upsurge in exploits, but targeted only at IE7. The fact that the KB960714 vulnerability is being exploited in the wild, and from, Microsoft says, some legitimate sites, means that end users should patch as quickly as possible.
KB960714 can allow remote code execution on your computer if you visit an infected site with Internet Explorer. As I said, Microsoft has indicated that several legitimate sites are serving up the malware.
This is the second emergency patch, outside of the normal Patch Tuesday updates, that Microsoft has released since late October.
* A zero-day vulnerability is one that is exploited or attacked before a vendor can patch it.
Comment and add to the story without registration, but keep the comments meaningful please. Links are not accepted.
