Microsoft has released an out-of-cycle security update to protect Internet Explorer users against a vulnerability that was being exploited by malicious hackers.
Earlier this week Microsoft announced it would be issuing Security Update MS12-063, following the discovery last weekend by researcher Eric Romang that the previously unknown vulnerability was being used by a hacking gang to infect computers with the Poison Ivy Trojan.
Normally Microsoft releases security updates on a monthly schedule (known as “Patch Tuesday”), but as the heat rose with exploits using the attack and the likes of the German government urging users to stop using Internet Explorer, the software giant rightly moved to release an out-of-band emergency patch.
As well as defending against the zero-day vulnerability in versions of Internet Explorer, Microsoft’s security patch reportedly resolves four other remote code execution vulnerabilities that Microsoft says are not currently being exploited…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.