Microsoft pushes emergency browser fix for 10 bugs

By on
Microsoft pushes emergency browser fix for 10 bugs

One 'critical' flaw across all versions of browser.

Microsoft has pushed out an emergency patch for a publicly known Internet Explorer (IE) vulnerability that has faced increasing exploits in recent days.

The flaw, which can permit the execution of remote code, affects only IE6 and 7, not the latest version (IE8) of the popular web browser, according to a Microsoft advisory posted earlier this month. A fix was scheduled for April 13, but was fast-tracked "due to growing attacks", Jerry Bryant, Microsoft's group manager for response communications, said in a blog post.

Tuesday's rare, out-of-band patch — Microsoft typically only releases security updates on the second Tuesday of each month — also resolves nine other bugs, none of which were publicly known prior to Tuesday. But experts do expect attackers to now reverse engineer the patch details to create fresh exploits.

Three of the nine newly announced vulnerabilities affect IE8. However, just one of the flaws warranted "critical" status across all versions of IE.

"I assume that basically what happened is the fix for the first vulnerability allows criminals to understand or gain information about the other vulnerabilities, so they had to release it all at once," Mickey Boodaei, CEO of internet security firm Trusteer, told SCMagazineUS.com.

See original article on scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
10browserbugsemergencyfixformicrosoftpushessecurity

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation
Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early
NBN Co taking orders for 'non-premises' connections

NBN Co taking orders for 'non-premises' connections
Australian scientists build world's first quantum computer IC

Australian scientists build world's first quantum computer IC

Digital Nation

Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
The security threat of quantum computing
The security threat of quantum computing

Log In

  |  Forgot your password?