Microsoft’s monthly patches released today, Tuesday August 9th, 2011 include critical fixes for seven holes in Internet Explorer that could really wreak havoc on your systems used to browse the Internet. You can read about the whole batch of patches at http://www.microsoft.com/technet/security/bulletin/ms11-aug.mspx and watch the video scheduled for tomorrow morning explaining everything in depth, but skip the time to do that right now and immediately at least find some way to apply MS11-057 / KB2559049 and VERIFY that it has been applied.
If you don’t already have an automated system to apply and verify it like Omega ATC’s Omega service or product, then go to each system and manually apply it for now. A user that browses to a web page with the easy to implement exploit code on it will immediately give the site their user’s rights on their system. Worse yet, if the user is logged in as an administrator at the time, the web site exploit code will even have administrator rights to the user’s machine. The exploit works on Internet Explorer versions 6 through 9, so it is likely many of your systems could be impacted. Microsoft and others predict that there will be wide-spread exploitation of the holes that MS11-057 repairs all over the Internet within the next 30 days. So, get your systems that have Internet Explorer patched ASAP!
