2010年1月22日 编辑:Vista之家 - 人气: 评论:0


一早醒来,发现Windows Update里面已经有包含IE 0day漏洞的IE集成补丁了,话不多说,赶紧截图并来之家通知大家赶紧下载升级。写完本文后,小编也要自己去升级了。

本次的IE补丁是Internet Explorer的累计补丁,总共修复了8个漏洞,其中包括导致Google在内的多家公司被攻击的哪个0day漏洞。



查看微软官方详细补丁信息:Microsoft Security Bulletin MS10-002 - Critical


IE 0-Day Patch Available Today
As close to 10:00 a.m. PST as possible

Following the public reports of an unpatched zero-day vulnerability being actively exploited in limited and targeted attacks, Microsoft has moved extremely fast to produce a patch rendering the exploits useless. The security hole the Redmond company will plug today, January 21st, 2010, was used as one of the vectors in the now infamous attacks against Google and a roster of US-based companies, originating from China. MS10-002, as the label implies, is the second security bulletin that Microsoft will release in 2010, and it will impact all supported versions of Internet Explorer.

“We are planning to release the update as close to 10:00 a.m. PST as possible. This is a standard cumulative update, accelerated from our regularly scheduled February release, for Internet Explorer with an aggregate severity rating of Critical. It addresses the vulnerability related to recent attacks against Google and a small subset of corporations, as well as several other vulnerabilities,” revealed Jerry Bryant, senior security program manager, Microsoft.

MS10-002 is what Microsoft refers to as an out-of-band security update, because it does not follow the schedule of the company’s monthly patch cycle. As noted by Bryant, MS10-002 was initially planned for availability in the second Tuesday of February 2010. Microsoft Security Bulletin Advance Notification for January 2010, published on January 20, offers insight on the patch package which the Redmond company will start serving to Internet Explorer users later today.

To this day, Microsoft has only identified limited and targeted attacks against Internet Explorer 6. However, the vulnerability affects all supported versions of Internet Explorer, including IE7 and IE8 running on Windows XP, Windows Vista and IE8 on Windows 7. The Redmond company considers the security vulnerability Critical, especially since attacks have already proven that successful exploits allow attackers to perform remote code execution.

“Once applied, customers are protected against the known attacks that have been widely publicized. We recommend that customers install the update as soon as it is available. For customers using automatic updates, this update will automatically be applied once it is released,” Bryant added. 




软媒旗下软件: 魔方 | 旗鱼浏览器(极速核心) | 闪游浏览器 | 软媒时间 | 酷点桌面 | Win7优化大师 | Win8优化大师 | Vista优化大师 | Windows一键还原 | 软媒手机APP应用

软媒旗下网站 IT之家 | 辣品 | IT圈 | 6655网址之家 | Win10之家 | iPhone之家 | Win8之家 | Win7之家 | Vista之家