| Home : March 08 2013 Computer News : Microsoft patch targets Internet Explorer drive-by attacks |
|
Microsoft patch targets Internet Explorer drive-by attacks |
March 08, 2013
Internet Explorer vulnerabilities warrant notice in this month's set of Microsoft Patch Tuesday bulletins and need to be fixed quickly even though the sheer number of patches may seem daunting.
The weaknesses leave users open to drive-by attacks where malicious code is downloaded without the user's knowledge while browsing. Not patching them because they are time-consuming will just widen the window of opportunity hackers have to exploit them, says Alex Horan, a senior product manager at CORE Security.
"Preventing future drive-by style attacks and protecting end-users appear to be the theme of this month's Patch Tuesday," Horan says. "These patches can be a hassle for users to deploy and have the potential to create a long enough delay where hackers can take advantage."
So far the weaknesses haven't been exploited. "Fortunately, this issue has no known attacks in the wild," says Paul Henry, a security and forensic analyst at Lumension. "However, you should still plan to patch this immediately. "
To read this article in full or to leave a comment, please click here
Link: http://www.networkworld.com/news/2013/030713-microsoft-patch-tuesday-267493.html#tk.rss_all
|
|
|
|
|
