Microsoft has released an out-of-band update to fix a security issue in both Internet Explorer 6 and 7.

Internet Explorer 8 is safe this time, while the vulnerability could allow for remote code execution when a user visits a website with the malicious inserted in it. Full details on the issue can be seen in Microsoft Security Advisory (981374).

The update is included with Security Bulletin MS10-018 and the flaw is rated as critical, and was originally expected during the 13th April update cycle.

“The Internet Explorer team accelerated testing of this update due to the growing attacks against the publicly disclosed vulnerability” wrote Microsoft Security Response Center Group Manager Jerry Bryant.

The update is available from Microsoft Update, or will be pushed out to Windows users who have automatic updates turned on.

Comments are closed.