Why was this posted to the jfw list? Is this off topic? -----Original Message----- From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of David Ferrin Sent: Tuesday, September 26, 2006 9:11 PM To: [email protected] Subject: [jaws-users] Microsoft puts out fix for Explorer flaw
Microsoft puts out fix for Explorer flaw (AP) Published Tue, 26 Sep 2006 22:33:18 GMT AP - Microsoft Corp. rushed out a fix Tuesday for a security flaw in its Internet Explorer Web browser after attackers had begun exploiting the vulnerability to take control of computers. Yahoo! News By ALLISON LINN, AP Business Writer 6 minutes ago SEATTLE - Microsoft Corp. rushed out a fix Tuesday for a security flaw in its Internet Explorer Web browser after attackers had begun exploiting the vulnerability to take control of computers. The Redmond-based software maker said it was putting out the fix ahead of the next scheduled security fix release date on Oct. 10 because of the severity of the problem. The flaw carries Microsoft's highest "critical" rating. The vulnerability in Microsoft's browser is particularly worrisome to security experts because computer users could come under attack just by visiting a Web site that had been manipulated to take advantage of the flaw. That, in turn, would give an attacker complete control of a user's computer, including access to e-mails, personal information and other data. Johannes Ullrich, chief technology officer with the security research organization SANS Institute, said it appears that a couple of thousand Web sites have already been manipulated to launch such attacks. The attack also seems to be spreading via e-mail, he said. Stephen Toulouse, senior product manager in Microsoft's security technology unit, said Microsoft had only seen very limited attacks since the flaw became public a little over a week ago. But he said the activity was enough to prompt the company to release the update ahead of schedule. "What we're seeing from our end are very specific, limited attacks," he said. This is the latest in a series of flaws that have been publicly disclosed before Microsoft was able to offer users a patch. More typically, security researchers at outside organizations, or within Microsoft itself, discover the flaws and work in secret to come up with a patch before attackers have a chance to take advantage of them. Ullrich faulted Microsoft for not getting a fix out sooner, noting that attacks are already under way, and urged users to get the fix immediately. "Installing the patch is definitely the way to go," he said. [Non-text portions of this message have been removed] Visit the JAWS Users list home page at: http://www.jaws-users.com For a complete list of email commands pertaining to the JAWS Users List send a blank email to: [EMAIL PROTECTED] Visit the new archives page at the following address http://www.mail-archive.com/[email protected]/ Yahoo! Groups Links Visit the JAWS Users list home page at: http://www.jaws-users.com For a complete list of email commands pertaining to the JAWS Users List send a blank email to: [EMAIL PROTECTED] Visit the new archives page at the following address http://www.mail-archive.com/[email protected]/ Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/jaws-users/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/jaws-users/join (Yahoo! ID required) <*> To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
