Grotendo writes "Microsoft plans to release an emergency patch for Internet Explorer very soon to counter targeted attacks and the publication of exploit code for a 'browse and you're owned' vulnerability in its flagship Web browser. The out-of-band update will be released once the company is satisfied that it has been properly tested against all affected versions of Windows. This could happen as early as this weekend."
Microsoft has downplayed the seriousness of the IE zero-day
, and insisted that it affects only IE6 even as security researchers close in on exploits for IE7 and IE8
. Microsoft has had no comment about the firestorm that Google unleashed by directly accusing the Chinese of cyber espionage. ShadowServer has up a sobering post
on the massive extent of the problem of "groups that can be referred to as the Advanced Persistent Threat."