updated 04:55 pm EST, Thu December 18, 2008
MS quick to fix IE7 bug
Microsoft is being praised by industry professionals for already releasing a fix for what it itself calls a critical security flaw in its Internet Explorer 7 Internet browser. The patch addresses a flaw in the data-binding function of 5.01, 6, 7 and 8 Beta 2 versions of the popular web browser. It was at first believed only IE7 was affected, but research revealed all currently available versions of the browser have the issue.
Hackers have been taking advantage of the weakness for the last couple of weeks, with the first public-available instance of the exploit discovered on December 9th. While analysts are praising Microsoft for the quick fix, they believe the bug's fast rate of exploitation prompted the company to take such fast action. The company was also afraid of losing user to competing products from Apple, Mozilla, Google or Opera.
The patch is now available from Windows Update for Windows 2000, XP, Vista, Server 2003 and Server 2008. [via ComputerWorld]