Have you patched Internet Explorer 7 yet?

by Graham Cluley on February 18, 2009 | Comments Off

Filed Under: Vulnerability

We're seeing evidence of a vulnerability in Internet Explorer 7 being exploited in the wild.

The vulnerability (known as MS09-002) allows malicious webpages to run code on your computer which could, of course, infect your PC, commandeer your computer to be part of a botnet, or steal your identity.

Hackers are increasingly using the web to infect unsuspecting computer users, so sadly it came as no surprise to come across a website that was carrying code that exploited the vulnerability:

Malicious script

Fraser Howard of SophosLabs has blogged in more detail about this, and has provided information about how Sophos proactively protects against the threat. But the most important thing is that you patch your systems with Microsoft's fix.

Every month Microsoft issues a bundle of security patches for users of its software, and customers are
urged to install them before the bad guys exploit them. Microsoft doesn't issue these patches and advisories for fun - make sure that you are keeping your users protected against the latest vulnerabilities.

Tags: , ,

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.