Microsoft has released a cumulative security update for Internet Explorer 7 and 8 that fixes several critical vulnerabilities in the web browser. It is recommended to update Internet Explorer as soon as possible to fix those vulnerabilities. The vulnerabilities are rated critical for Internet Explorer versions running under Windows XP or Windows Vista and moderate for Windows Server 2003 and Windows Server 2008. The article is mentioning downloads for Internet Explorer 8 beta but the linked article is not containing any. This seems to suggest that Internet Explorer 8 is affected by the vulnerability as well. This probably only affects pre release candidate builds of Internet Explorer 8.
The security update fixes the following two vulnerabilities: Uninitialized Memory Corruption Vulnerability and CSS Memory Corruption Vulnerability. Since it is a cumulative update it does apply all previous security updates for Internet Explorer on the computer system.
The easiest way to update affected systems is to use Microsoft Update which will download and apply the security updates automatically. The other possibility is to download the patch from Microsoft Download and apply it manually.
Microsoft has released three additional security bulletins:
- Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
- Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
- Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)
Read Related Posts
-
Microsoft August 2008 Security Updates
-
Microsoft releases security updates for XP and Vista
-
Microsoft Security Updates April 2009
-
Microsoft Security Updates for June 2008
-
Microsoft October 2008 Patch Day Patches 11 Security Vulnerabilities
-
Microsoft Security Patches for June 2009
-
Microsoft updates two critical security patches
-
Windows Security Updates September 2008
Honestly, I am tired of downloading updates every week. This creates a major hassle when I reinstall the system (which is usually once a year), downloading another Gb or so updates every time.
Just curious if there is any offline installer for all the updates release so far, except SP2 and SP3. I knew one but heard lastly that they got a notice for Microsoft and they pulled down the site. Any other alternative?
Thanks in advance.
http://www.heise.de/ct/projekte/offlineupdate/download_uk.shtml
Allows you to make a scripted based install for all updates, also allows you to download and backup all updates too, will download service but there is a choice not to.
In addition to Heise (above), you can get an offline installer for all updates at:
http://www.windowsupdatesdownloader.com/
BillB:
Not bad, but the advantage my suggestion has over yours is the ability to install and walk away as it will do everything for you.