Microsoft is issued a security update on Tuesday that addresses an Internet Explorer ActiveX Control vulnerability that will help malware to be installed on computers when users visited at least one breached Web site.
Microsoft said Monday that vulnerability CVE-2013-3918, which was disclosed Friday by security researcher FireEye, was already scheduled to be addressed in "Bulletin 3" on Tuesday. An exploit described by the security firm as a classic drive-by attack is already in the wild, targeting English versions of IE7 and 8 in Windows XP and IE8 on Windows 7.
Post a Comment