p2p news / p2pnet: Bill and the Boyz are being forced to rush out yet another highly critical security fix in the endless streams they push out for their Internet Explorer.

"Microsoft confirms a wave of drive-by downloads targeting a zero-day browser vulnerability and says Internet Explorer users can expect a patch," says eWeek.

But that probably won’t happen until April 11, "if not sooner," it states, continuing:

"Malicious hackers are using hijacked Web servers and compromised sites to launch a wave of zero-day attacks against an unpatched flaw in Microsoft’s Internet Explorer browser. The first wave of drive-by downloads was spotted on March 25, and security experts tracking the attack say the threat is growing at a rate of 10 new malicious URLs every hour.

"eWEEK has seen a list of more than 20 unique domains and 100 unique URLs hosting the exploits, which are dropping a variant of SDbot, a virulent family of backdoors that give hackers complete ownership of infected computers."

The last time Microsoft issued a fix early was in January, says CNET News.

"Microsoft rushed out a fix for a serious vulnerability in the way Windows handled the Windows Meta File image format. That flaw was also being abused to attack Windows users."

Firefox, anyone?

Also See:
eWeek – IE Under Attack: Microsoft Ponders Emergency Patch, March 24, 2006
CNET News – Microsoft mulls rushing out IE patch, March 24, 200

This entry was posted on Monday, March 27th, 2006 at 8:14 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 1635 times