Computerworld: As expected, Microsoft has released an emergency patch for the Internet Explorer vulnerability that Chinese hackers allegedly exploited in an attack on Google and other U.S. companies. In a blog post, Microsoft's Jerry Bryant revealed that the company had known about the problem for some time, writing, "As part of [our] investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."
The man credited with spotting the vulnerability, Eyal Gruner of BugSec Security, declined to fault Microsoft for taking so long to release the patch, but he did say that he wasn't surprised hackers exploited the flaw. "We found this vulnerability very easily, and we didn't think it would be hard for others to find."
The security update also fixes seven other bugs in Internet Explorer.