Microsoft to release emergency Internet Explorer patch on Tuesday

Microsoft has announced that it will be issuing an emergency out-of-band patch for a critical security hole in some versions of Internet Explorer on Tuesday 30 March.

 

According to a Microsoft advisory, the emergency fix is designed to protect users of Internet Explorer 6 and Internet Explorer 7.

 

Microsoft normally bundles its security updates into a monthly package, known in the industry as “Patch Tuesday” (the second Tuesday of each month), and it is relatively unusual for the company to issue a fix for a security vulnerability outside of this cycle. Clearly Microsoft considers the bug particularly important to patch as soon as possible.

 

And in my opinion they’re right not to leave this vulnerability unpatched until April 13th. Earlier this month I described how hackers are actively exploiting the vulnerability, in their attempt to infect computers.

 

The researchers in SophosLabs reported some of the malicious spam messages we have seen being distributed which attempt to trick users into visiting websites that will exploit the zero day vulnerability and infect Windows PCs.

 

More information about the security flaw can be found in Sophos’s analysis of the problem.

 

So, if you are still using Internet Explorer versions 6 or 7, please be sure to update your systems as soon as Microsoft releases the fix. But, in all honesty, what are you doing running such old versions of IE anyway? Shouldn’t you have upgraded to Internet Explorer 8 by now?

 

By Graham Cluley, Sophos

 

 

Related Blogs

Panda Cloud Antivirus 1.0.1

Panda released a new version of Panda Cloud Antivirus, version 1.0.1. This version is basically a cumulative-fix release which incorporates Hotfix-1, Hotfix-2 and some small additional improvements.

 

The most notable improvement is that we have gotten rid of the initial account registration which used to be mandatory for first-time installs. Panda Cloud Antivirus will not ask for account during install anymore. Only if you want to participate in the Cloud Antivirus Support Forums will you need to create an account.

 

I have Cloud Antivirus 1.0 already installed. Do I need to download & install this version?
Not really. This new version incorporates hotfixes which you probably already have installed anyway. To check if you have them installed, simply browse to “C:\Documents and Settings\All Users” (XP) and you should see a subdirectory called “HF_PCA_somenumber”.

 

I have the hotfixes installed but I still have some problems with Panda Cloud Antivirus. Should I install this version?
Yes you might want to give it a try. Below you can find some more detail of what this version fixes which is not included in the existing hotfixes. In order to install this version on top of the one you already have, first uninstall your current version, then reboot and finally download & install the new version from http://acs.pandasoftware.com/cloud/CloudAntivirus.exe.

 

What’s the changelog of this version 1.0.1?

1. Preactivated version does not require account creation during install
2. Fix for certain conditions of stuck quick & full scan
3. Improved cloud-heuristic detection for unknown malware – From HF_2
4. Improved prevalence algorithms for priorization of new malware – From HF_2
5. Fix of problems scanning certain files in system directories – From HF_1
6. Fix for loss of connectivity after malware disinfection involving LSP – From HF_1
7. Improved cloud-heuristic detection – From HF_1

 

 

Try Returnil Virtual System 2010 For Free

Returnil Virtual System 2009 Beta uses a combination of antivirus and virtualization technologies to protect your system against both malicious software and unwanted changes. Returnil virtualization technology clones your computer’s System Partition and boots the PC into a controlled virtual world rather than native Windows; allowing you to run your applications in a completely isolated and secure environment.

Read more

F-Secure unveils updated security suite

F-Secure has announced Internet Security 2010, an updated version of its popular security suite.

The company said that the new suite offers enhanced detection techniques using cloud-based technology, more secure browsing, and an improved user experience.

The cloud based element is provided by its ‘Real-Time Protection Network’, which uses F-Secure’s DeepGuard technology to compare any file launched on a system against a database hosted on F-Secure’s servers.

F-Secure’s technical manager Leslie Forbes said this process took only 70-100 milliseconds. “It’s amazingly fast”, he said. When users are offline, the system defaults to a local ‘sandbox’ scanning method. “It’s like having a virus lab with you all the time.”

Forbes also said that the new 2010 version was less resource hungry than the previous version and its competitors, making it suitable for use with netbooks or low spec systems.

UK country manager Pekka Metala, admitted that having had great success as the default security suite provided with many European ISPs, for now, F-Secure was mainly targeting the consumer market.

“We’re not just an enterprise company any more”, Metala said. However, he assured IT PRO that it was not abandoning the business market and that where relevant the new technology in the 2010 suite would be applied to its enterprise products.

“We have lots of legacy public sector customers, and we’re going to continue to support them.”

The suite will be available for download on 3 September for £39.95 for a three user pack, or £19.95 for a single user. It is available for Windows XP, Vista and 7.

When asked by IT PRO, Forbes hinted that a Mac version was also on the way, but no date was provided.

Back in February, F-Secure’s own internal servers were hit by an SQL injection attack, though the company deemed the attempted hack to be only “partially successful”.

Kaspersky Anti-Virus & Internet Security 2010 V9.0.0.313 Beta

Kaspersky Anti-Virus 2009 – the backbone of your PC’s security system, offering protection from a range of IT threats. Kaspersky Anti-Virus 2009 provides the basic tools needed to protect your PC.

Read more