Fix comes on the heels of the patch for Java vulnerability.
After Oracle released a patch to fix a critical vulnerability in their Java software, Microsoft has come out with their own emergency update for users of Internet Explorer (versions 6, 7, and 8). While the two issues are not related, they are both serious, and affected users should update their software as soon as possible.
Here is what Micosoft had to say:
The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically. For those manually updating, we strongly encourage you to apply this update as quickly as possible.
If you previously applied the Fix it offered through the advisory, you do not need to uninstall it before applying the security update released today. However, the Fix it is no longer needed after the security update is installed, so we are recommending that you uninstall it after you have applied the update to your system.
After learning of this vulnerability late last month, Microsoft offered a temporary ‘Fix it’ solution, saying that they had “seen only a limited number of attacks through an issue in Internet Explorer 6-8”, but apparently today beefed up the ‘Fix it’ solution to a more robust security update because “the potential exists that more customers could be affected”.
It is unclear at this point why this update was not included in last week’s Patch Tuesday, (Microsoft’s regularly scheduled, 2nd Tuesday of the month, update release). It could simply be that it was not ready, or it could be that exploitation of this vulnerability is suddenly getting more widespread.
Either way, if you are using Internet Explorer on Windows XP, and do not have automatic updates turned on, please grab the update from Microsoft and install it. If you have automatic updates turned on, your computer will grab it well…automatically.
Users of Internet Explorer versions 9 and 10, and thus Windows 7 and 8 users, are not affected. The newer versions of IE run only on the newer versions of Windows — strong evidence perhaps that Microsoft’s newer operating systems are more secure?
That sounds like another post entirely. In the meantime, if today has taught us anything, it is that the best thing you can do to protect your computer is to make sure you keep it updated.