NEWS FROM THE LAB - Wednesday, January 9, 2013

Versions of Internet Explorer Still Vulnerable Posted by Sean @ 10:52 GMT

One week ago, it wasn't yet clear if Microsoft would be able to quickly patch Internet Explorer's latest vulnerability.

Microsoft Security Advisory 2794220
Microsoft Security Advisory (2794220)

We now know it isn't part of January's Security Updates. This raises the possibility of an out-of-cycle patch. But then, we have yet to see more than limited exploitation. (We are currently investigating reports of targeted attacks.)

To repeat our earlier guidance:

For Windows 7, update to version 9 of Internet Explorer.

For consumers with XP, we recommend installing an additional browser such as Mozilla Firefox or Google Chrome.

For corporate folks, and other organizations, required to use XP with IE 8: Microsoft has a Fix it tool available.

Details here: Microsoft "Fix it" available for Internet Explorer 6, 7, and 8