MOUNTAIN VIEW, Calif. - Microsoft announced it will ship on Wednesday an emergency patch to fix a security breach first reported Dec. 9.
According to The Washington Post, Microsoft acknowledges the flaw is present in all versions of Internet Explorer from IE5 through IE8 Beta 2, and estimates that one in every 500 users of IE could have been exposed to websites that attack the flaw.
The affected websites are being hacked and code is being inserted to install software that will steal passwords and other sensitive information when vulnerable users visit the sites with IE. Estimates are that more than 2 million websites have been compromised through the security flaw.
Traditionally, Microsoft ships patches the second Tuesday of each month, but when critical flaws have been detected, the company has issued emergency patches.