Discovered last month, the vulnerability could allow an attacker to take control of a Windows computer running one of the older versions of Internet Explorer directing users to malicious websites. In response, Microsoft has proposed several solutions and even offered a "one-click fix" designed to alleviate the problem, but those who were considered as temporary solutions.
Update today will completely solve the problem, according to Microsoft. Scheduled for deployment to 10 pm PT, the fix will be available as a critical update, which means it will automatically be applied to all computers with Windows Automatic Updates enabled. Otherwise, users must install the update manually via Windows Update.
Security professionals wondering when Microsoft would address this flaw, since the company has not addressed the problem in the patch last week deployment Tuesday. But a fix for the bug was already underway.
Dustin Childs, group manager of Microsoft Trustworthy Computing, told CNET January 4 that the company is actively working on an update for Security Explorer zero-day issue.nternet 9 and 10 are protected from this particular defect, so that users of older versions of the browser will need to install the update.
Microsoft said it found only a limited number of people affected by this bug, but acknowledged the possibility that more could be allocated on the road.
The Company will host a live webcast at 1 pm PST today to answer questions about the update.
