Hackers infected Windows PCs at Google and other Western companies with Aurora in late 2009 and early 2010 by exploiting a then-unpatched bug in IE6. Google accused Chinese hackers of breaking into its network, a charge that prompted the search giant to threaten a shutdown of its Chinese operations.
While Wee continued Wednesday to say that Microsoft was aware of only a "small number of customers" victimized by the newest IE zero-day, the company typically unleashes an emergency update only when it believes the threat is substantial and when the volume of attacks is quickly increasing.
IE6, IE7, IE8 and IE9 all are vulnerable to attack, Microsoft confirmed in an advance notice of the impending patch. Only IE10, the version bundled with Windows 8, does not contain the bug.
One security researcher predicted at least part of Microsoft's news several hours before the Redmond, Wash., software maker announced its next move.
"I think we'll see the Fixit today and [a] patch tomorrow," said Andrew Storms, director of security operations at nCircle Security, during a Wednesday instant message conversation. "They've been communicating something every day so far this week," Storms said.
On Tuesday, Microsoft said it would issue a Fixit tool "in the next few days."
Microsoft will release the emergency update at approximately 1 p.m. ET Friday via the Microsoft Update and Windows Update services, as well as through WSUS (Windows Server Update Services), the de facto corporate patch deployment tool.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His email address is firstname.lastname@example.org.