Have you patched Internet Explorer 7 yet?

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

We’re seeing evidence of a vulnerability in Internet Explorer 7 being exploited in the wild.

The vulnerability (known as MS09-002) allows malicious webpages to run code on your computer which could, of course, infect your PC, commandeer your computer to be part of a botnet, or steal your identity.

Hackers are increasingly using the web to infect unsuspecting computer users, so sadly it came as no surprise to come across a website that was carrying code that exploited the vulnerability:

Malicious script

Sign up to our free newsletter.
Security news, advice, and tips.

Fraser Howard of SophosLabs has blogged in more detail about this, and has provided information about how Sophos proactively protects against the threat. But the most important thing is that you patch your systems with Microsoft’s fix.

Every month Microsoft issues a bundle of security patches for users of its software, and customers are
urged to install them before the bad guys exploit them. Microsoft doesn’t issue these patches and advisories for fun – make sure that you are keeping your users protected against the latest vulnerabilities.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.