Microsoft breaks schedule for early IE patch

By Kevin Fogarty, News Director 28 Sep 2006 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Microsoft bypassed its monthly Patch Tuesday schedule this week to release a fix for a flaw in the Vector Markup Language (VML) that the SANS Internet Storm Center and other virus watchdogs flagged as unusually dangerous.

A Microsoft spokesperson said the company moved up the Oct. 10 release date to head off an exploit that takes advantage of how recent versions of Internet Explorer and Outlook handle malformed VML tags. One particular malformation can cause a buffer overflow and allow arbitrary code to run on the machine affected.

Details of the flaw and the patch procedure are available.

To read the original version of this story, visit SearchSecurity.com.

Tags: Daily or Weekly,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Daily or Weekly Microsoft to release 11 new security fixes on Patch Tuesday More attacks on PowerPoint, IE Apple defends wireless security; flaws crop up anyway ZERT rekindles third-party patching debate Dell, Symantec simplify Secure Exchange for SMBs Burton Group: Web application firewall market maturing Fending off an Active Directory attack Security Blog Log: The new clearinghouse for flaws NAC, VPNs and behavior analysis in the Interop spotlight Change control helps IT deal with changing threats

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary