微软补丁
Following recommendations from the French and German governments that users should switch from Internet Explorer, Microsoft has decided to release an emergency browser patch before the next scheduled update on February 9, 2010.
根据法国和德国政府的建议,即用户应从Internet Explorer切换 ,Microsoft已决定在2010年2月9日的下一个计划更新之前发布紧急浏览器补丁。
The IE flaw was identified as one of the primary targets of the recent attacks on Google’s GMail and other systems which originated in China. The attack, known as “Aurora,” caused several governments and security companies to issue warnings about IE and recommend users switched browsers until Microsoft produced a patch. (Although some took a more cautious approach stating that attacks were rare and switching browsers might give users a false sense of security.)
IE漏洞被确定为最近对源自中国的Google GMail和其他系统的攻击的主要目标之一。 这种被称为“ Aurora”的攻击导致数家政府和安全公司发布有关IE的警告,并建议用户切换浏览器,直到微软发布补丁为止。 (尽管有些人采取了更为谨慎的方法,指出攻击很少发生,并且切换浏览器可能会给用户带来错误的安全感。)
Microsoft continue to deny there is a significant problem, but they cannot really win in this situation. By not issuing a fix, the publicity would make people question IE’s security and could prompt businesses and individuals to abandon the browser. By issuing the patch ahead of normal release schedules, Microsoft appears to be admitting that the flaw is as serious as reported.
Microsoft继续否认存在重大问题,但是在这种情况下他们无法真正取胜。 通过不发布修复程序,宣传将使人们质疑IE的安全性,并可能提示企业和个人放弃浏览器。 通过在正常发布时间表之前发布补丁,Microsoft似乎承认该漏洞与所报告的一样严重。
The Microsoft Security Response Center statement includes:
Microsoft安全响应中心声明包括:
Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment Microsoft will release a security update out-of-band for this vulnerability.
鉴于此问题引起了人们的高度关注,对于客户可以采取哪些措施来保护自己以及不断升级的威胁环境,Microsoft会为此漏洞发布带外安全更新,这令人感到困惑。
In my opinion, it doesn’t matter whether the security problem is minor or difficult to exploit. You can guarantee programmers and hackers across the world are investigating the flaw because of the publicity which surrounds it. Microsoft is doing the right thing and the patch will be issued once it’s passed the company’s testing procedures.
我认为,安全问题是次要的还是难以利用的都没有关系。 您可以保证全世界的程序员和黑客都在调查该漏洞,因为它周围有很多宣传。 Microsoft做正确的事,一旦通过该公司的测试程序,便会发布该补丁。
Many will argue that IE should never have had the flaw in the first place or that it should have been fixed at some point within the past decade. All those who produce perfect bug-free code may mock Microsoft now!…
许多人会认为IE最初不应存在此缺陷,或者应该在过去十年中的某个时间点修复它。 所有产生完美的无错误代码的人现在都可以嘲笑Microsoft!…
翻译自: https://www.sitepoint.com/microsoft-emergency-ie-update/
微软补丁
相关资源:微软MPEG-2视频0Day漏洞补丁.rar