Microsoft is planning to release an out-of-band patch for Internet Explorer on Wednesday to address a critical security vulnerability that is being actively exploited.The company on Saturday warned that 1 in 500 Internet Explorer users worldwide may have been exposed to malware hosted at both legitimate Web sites and porn sites that exploit an unpatched vulnerability. Microsoft confirmed finding exploit code on a search engine in Taiwan and on a Web site in Hong Kong that serves adult entertainment content.”Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed to websites containing exploits of this latest vulnerability,” Microsoft Security Response Center researchers Ziv Mador and Tareq Saade said in a blog post. “That percentage may seem low, however it still means that a significant number of users have been affected. The trend for now is going upwards: We saw an increase of over 50% in the number of reports today compared to yesterday.”
Microsoft’s estimate works out to as many as 1.4 million potential victims, assuming there are a billion active Internet users (estimates range from 800 million to 1.5 billion), about 70% of whom are using Internet Explorer. The number of potential victims would drop to 940,000 if only Internet Explorer 7 users (47% browser market share) were affected. And those numbers represent only potential victims: Not all those exposed would be necessarily become infected. Since last Tuesday, Microsoft has updated its advisory four times. It expanded the list of potentially affected versions of Internet Explorer to include not only IE 7, but also IE 5.01 SP4, IE 6, IE 6 SP1, and IE 8 Beta 2. It also added several workaround options that involve disabling certain features.
Source: InternetWeek
2 comments:
Nice post, things explained in details. Thank You.
I definitely comply with some points that you just have mentioned on this post. I appreciate that you just have shared some reliable recommendations on this review.
Post a Comment