Zero-day IE flaw not in Microsoft Patch Tuesday

Powered by SC Magazine
 

Vulnerability stays unpatched.

Microsoft has not included Internet Explorer in its Patch Tuesday list, leaving a zero-day vulnerability without a fix.

The flaw could allow hackers to obtain information, or take any action that the user could take on an affected website.

The Redmond giant could be placing the browser at even greater risk, as the controversial hacking contest Pwn2Own is due to start next week.

Both Google and Mozilla have patched their browsers in time for the event, but Microsoft has opted not to.

Websense recently reported flaws in Internet Explorer were targeted as part of a hack on ad firm Unanimis that could have placed tens of thousands of people in danger.

Next week’s Patch Tuesday will be a relatively light one, with just three bulletins, one of which is rated as critical while the other two are rated important.

“The critical update affects Windows XP, Vista and Windows 7 while Windows Sever 2003 and Server 2008 are not affected,” said Amol Sarwate, manager at the Qualys vulnerability research lab.

“One of the important updates affects all Windows operating systems and we expect it to be for the MHTML Information Disclosure issue, which was left un-patched in last month's patch cycle.”

This article originally appeared at itpro.co.uk

Copyright © ITPro, Dennis Publishing


Zero-day IE flaw not in Microsoft Patch Tuesday
 
 
 
Top Stories
First look: Microsoft Outlook for iOS
[Update] Office productivity suite for iOS completed with Outlook.
 
NewSat defaults on $26m in overdue Lockheed payments
Jabiru-1 satellite build hits further hurdles.
 
IBM denies plans to cut 112k jobs
But admits to further restructuring.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Microsoft Outlook is now on iPhone and iPad: why could this be useful?
Jan 30, 2015
Microsoft today released Office for Android and Outlook for iOS - complementing the other Office ...
Franchisees, here's something you should know about
Jan 23, 2015
You need to know the Code if you are a franchisee or franchisor as the penalties are significant.
Xero users rejoice! Quoting has finally arrived
Jan 23, 2015
It has taken years, but Xero has at last added integrated quoting to its online accounting software.
You can now get a no-contract wi-fi tablet from Telstra
Jan 17, 2015
Telstra has began selling wi-fi tablets out of contract without paying extra for cellular ...
Get your business ready for 2015: mobile payments
Jan 2, 2015
These handy apps from MYOB, Xero and others can reduce your administrative load and improve ...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  36%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 3102

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 989

Vote