News - Security Issues

IE6 attack code used to hack Google now public

The dangerous Internet Explorer attack code used in last month's attack on Google's corporate networks is now public. The attack is very reliable on Internet Explorer 6 running on Windows XP, and it could possibly be modified to work on more recent versions of the browser.

Microsoft issued a security advisory on the IE flaw Thursday and has not ruled out the possibility of rushing out an emergency "out-of-cycle" patch to fix it. Microsoft's next set of security patches is due February 9, giving hackers more than three weeks to exploit the flaw.

In the meantime, Microsoft urges users to enable their firewall, install all software software updates, and use antivirus software.