Updated IE Malware Faster and More Vicious

On March 22, a critical bug in Microsoft Internet Explorer was revealed.

As I posted in a previous entry, Microsoft is working on a patch for this vulnerability and plans to have it available on or before April 11.

“Hackers have posted a new version of the malicious software that makes it easier for them to take advantage of an unpatched system.
Older versions of the malware could freeze victims’ browsers for more than a minute, giving them an opportunity to shut down their computers or stop the malicious software before it could complete its work. But the new software works more quickly, meaning it will be particularly effective on older machines with limited memory and processing capabilities…”

Patches have been released in advance of the official Microsoft release. It is not recommended that you install these third party patches. Microsoft suggests, as a work-around, disableing IE’s Active Scripting feature.

Be sure to install the patch from Microsoft as soon as it becomes available.

New generation of IE malware now circulating

Microsoft Security Advisory (917077)