On The Insider: Taylor Lautner Plays Beach Football
BNET Business Network:
BNET
TechRepublic
ZDNet

December 17th, 2008

Critical IE 7 fix is now available

Posted by Mary Jo Foley @ 11:29 am

Categories: Corporate strategy, Internet Explorer, Security

Tags: Microsoft Internet Explorer 7, Microsoft Internet Explorer, Microsoft Corp., MS08-078, Web Browsers, Security Administration, Patches, Security, Internet, Mary Jo Foley

If you’re running Internet Explorer (IE) 7, you can go get the critical patch Microsoft released on December 17 to thwart a serious security vulnerability discovered earlier this week.

Update: If you’re running one of the IE 8 test builds, you still should patch your systems, as well.  Microsoft has made available versions of the patch for IE 8 and is telling individuals who obtained last week’s private “IE 8 Partner Build” they should apply the patch, too. (The partner build number is 8.0.6001.18344.)

Microsoft said today’s out-of-band IE patch applies to “over 300 versions of IE across more than 25 languages.” The patch was developed in nine days and will be pushed out by the company’s automatic patching mechanisms.

Here’s the latest update from Christopher Budd, Microsoft security response communications lead:

“Today, Microsoft released security update MS08-078 which will address a new vulnerability allowing remote code execution in all affected versions of Internet Explorer products. Microsoft encourages all IE customers to test and deploy this update as soon as possible.

“At this time, we are aware only of attacks that attempt to use this vulnerability against Windows Internet Explorer 7. Our investigation of these attacks so far has verified that they are not successful against customers who have applied the security update. MS08-078 has a maximum severity rating of Critical for all versions of Internet Explorer.

“Microsoft is hosting two webcasts to address customer questions on this bulletin today at 1:00 PM PDT and Thursday, Dec. 18, 2008 at 11:00 AM PDT in the U.S. and Canada….After Thursday, this webcast is also available on-demand.”

As of 10:00 AM PT on the 17th, the update was available through all standard security update management systems including, SCCM, SMS, WSUS, and Windows Update, a Microsoft spokesman added.

Mary Jo FoleyMary Jo has covered the tech industry for more than 20 years. Don't miss a single post. Subscribe via Email or RSS. You can also follow Mary Jo on Twitter.

Got a tip? Send Mary Jo your rants, rumors, tips and tattles. For disclosure on Mary Jo's industry affiliations, click here or to see Mary Jo's full profile click here.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

  • Talkback
  • Most Recent of 5 Talkback(s)
Didn't require a reboot for me
I didn't have any major apps open though -- the patch just contains MSHTML.DLL so as long as no open apps are using it, no reboot should be required.... (Read the rest)
Posted by: PB_z Posted on: 12/17/08 You are currently: a Guest | | Terms of Use
Thanks!  Kromaethius | 12/17/08
And it doesn't cause a loss of unsaved work:  ye | 12/17/08
And it doesn't cause a loss of unsaved work:  kozmcrae | 12/17/08
It's what you do when...  Sleeper Service | 12/17/08
Didn't require a reboot for me  PB_z | 12/17/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
Click Here

Order Microsoft 2.0

Pre-order Microsoft 2.0

Order 'Microsoft 2.0' by Mary Jo Foley at Amazon.com.

Recent Entries

advertisement

Archives

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here