Microsoft has finally acted on the widely reported serious security glitch in its Internet Explorer browser, issuing an emergency fix one week after the “zero-day” vulnerability first came to light .
The company had missed the glitch in last week’s record Patch Tuesday issuing of 28 fixes for its software earlier in the week.
The vulnerability allows hackers to take over victims’ PCs by steering them to innocent-looking but infected Web sites. Internet Explorer users don’t have to download anything for their computers to become infected. Thousands of Web sites are already said to have been compromised.
Microsoft said it plans to ship a security update, rated “critical”, for the browser on Wednesday, US time. People with the Windows Update feature activated on their computers will get the patch automatically.
In Australia, Microsoft said: “To date, the impact on Microsoft’s Australian customers has been minimal and Microsoft is not advising Internet Explorer users to switch browsers.” But Internet watchdog AusCert has advised IE users to use another browser, at least for the time being. Choices would include Mozilla’s Firefox, Apple’s Safari, Norway’s Opera and Google’s Chrome.