Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Microsoft to patch zero-day IE bug now under attack

Gregg Keizer | Oct. 4, 2013
Eight updates will plug holes in IE, Windows, Office, SharePoint and Silverlight

The other four updates will patch vulnerabilities in Excel, other pieces of Office, the SharePoint collaboration server software and Silverlight, a media format Microsoft seems to have discarded or at least isn't interested in developing further.

Because the Office-related vulnerabilities were ranked as "important" even though Microsoft said hackers could exploit them to plant malware on customers' PCs, Storms said it was probable that any attack code required considerable user interaction to work, such as downloading files, opening shared folders or clicking through multiple warnings.

"Being exploited via a drive-by is not going to happen," said Storms, referring to the most dangerous attacks, which only require a user to visit a malicious website to trigger exploits.

Microsoft will release next week's security updates on Oct. 8 around 1 p.m. ET.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.