Kevin Remde's IT Pro Weblog
IT Pro Resources
TechNet EventsMicrosoft Security Response CenterMicrosoft Virtual AcademyKevin’s Evaluation Download Center
IT Pro Evangelist Blogs
Blain Barton Blain Barton's Blog@BlainBar
Brian LewisMy Thoughts on IT...@BrianLewis_
Dan Stolts IT Pro Guru Blog@ITProGuru
Jennelle Crothers TechBunny@jkc137
Kevin RemdeFull of I.T.@KevinRemde
Tommy PattersonVirtually Cloud 9@Tommy_Patterson
Yung Chou Yung Chou on Hybrid Cloud@YungChou
This is an important one folks.
“Who or what software does this impact"?”
You can see the full list HERE under the “Affected Software” section. But in a nutshell it’s every OS from Windows 2000 and later on running Windows Internet Explorer 6 and later. Yes, it includes Internet Explorer 8.
“What’s the exploit?”
A maliciously crafted website could allow an attacker to gain access to a computer using the same security rights as the logged on user.
“Is there any good news in this?” I guess if there were any good news, it would be that there have not (as of this writing) been any exploits of IE 7 or IE 8, but the proof of concept is real and valid.
This also doesn’t impact “Core” installations of Windows Server 2008 or Windows Server 2008 R2.
“Where can I get the update?”
The update(which, by the way, is a “cumulative update”) will be available at or around 10:00AM Pacific time, and there will be a new Security Advisory published also. In the meantime, you can reference Security Advisory 979352. When the new advisory and the update are available, I will post links to them here.
Here is the security bulletin - http://www.microsoft.com/technet/security/Bulletin/MS10-002.mspx
And the updated security advisory is live here - http://www.microsoft.com/technet/security/advisory/979352.mspx
Here's what the MSRC has to say about it.
And finally; if here is the "Regular IT Guy" perspective.
I AM LOOKING FOR A SECURITY DOWN LOAD THAT IS SIMPLY AND EASY TO USE HAVE YOU GOT ONE I AM FRUSTRATED WITH LOOKING FOR ONE AND THE COMPUTOR SAYS WE DO NOT HAVE ONE AND NEADS ONE OR UP DATES HELP PLEASE