Microsoft has quickly released an update supposed to fix at least five recent vulnerabilities in Internet Explorer, including the popular disclosed zero-day vulnerability, already exploited. The emergency patch is available for all supported editions of Windows, including XP and Vista and old Windows Server 2003, promising to solve the issues on Internet Explorer 6, 7, 8 and 9. Officially, Internet Explorer 10, coming soon with Windows 8, isn't vulnerable.
Emergency Release For Internet Explorer
If you were to say which one was more critical, it seem that IE 9 is the unlucky one, since three of the vulnerabilities were inside it, while the last severely affected Internet Explorer 7 and 8. The zero-day vulnerability (meaning it was highly used by attackers before Microsoft was aware of the bug itself) disclosed last weekend, affected all browsers, from IE 6 to IE 9, being focused on home and medium business customers.
Separately, Microsoft issued an update for vulnerabilities in Adobe Flash Player in Internet Explorer 10 on Windows 8 and Windows Server 2012.
There was another zero-day vulnerability January 2010, when Microsoft had to face Aurora, a powerful Trojan, breaking into Google's network, for instance.
11
