Redmond (WA) – Yesterday, Microsoft made good on the quick patch promise they had made earlier in the day. It repairs a critical bug affecting Internet Explorer versions 5.01, 6, 7 and 8 Beta 2 which could allow remote code execution just by visiting an infected website.
The patch is available via the normal Windows Update download process. Users are encouraged to obtain and install the patch immediately as there are more than 10,000 websites “in the wild” which have already used the exploit to infect user’s machines. No special action is required for the bug to be used. Just visiting an infected website can corrupt the machine.
Microsoft typically releases patches only once per month, on the second Tuesday of each month. This emergency patch is called an “out of band” patch, and Microsoft released it this way due to its severity and wide-sweeping user impact.
Microsoft’s web browsers account for nearly 70% of worldwide web browser use. Firefox recently exceeded 20% for the first time. Safari is third at 7.13% with newcomer Google Chrome at 0.83% already surpassing Opera, which fell to 0.71%.