gHacks technology news » internet explorer patch

Microsoft Internet Explorer Security Update

Martin — Tue, 28 Jul 2009 20:40:10 +0000

Microsoft has released a critical security fix for their Internet Explorer web browsers. The vulnerability, actually its more than one that are patched by the cumulative patch, affect most Internet Explorer still in use by users worldwide including Internet Explorer 6, Internet Explorer 7 and the latest version Internet Explorer 8. The vulnerability does only affect Internet Explorer versions running on Windows operating systems. The most popular Microsoft operating systems are all affected including Windows XP, Windows Vista and even the soon to be released Windows 7.

This security update is being released out of band in conjunction with Microsoft Security Bulletin MS09-035, which describes vulnerabilities in those components and controls that have been developed using vulnerable versions of the Microsoft Active Template Library (ATL). As a defense-in-depth measure, this Internet Explorer security update helps mitigate known attack vectors within Internet Explorer for those components and controls that have been developed with vulnerable versions of ATL as described in Microsoft Security Advisory (973882) and Microsoft Security Bulletin MS09-035.

This security update also resolves three privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1, running on supported editions of Microsoft Windows 2000; Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 running on supported editions of Windows XP; Critical for Internet Explorer 7 and Internet Explorer 8 running on supported editions of Windows Vista; Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 running on supported editions of Windows Server 2003; and Moderate for Internet Explorer 7 and Internet Explorer 8 running on supported editions of Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.

Windows users should make sure to download the security update as soon as possible. It is available at the usual sources including automatic updates, Windows Update or Microsoft Update.

Tags: internet explorer patch, internet explorer security, internet explorer vulnerability, internet-explorer, microsoft, web browser

Internet Explorer Vulnerability Fix

Martin — Tue, 07 Jul 2009 09:04:39 +0000

Microsoft has released a security advisory about a vulnerability in Microsoft Video ActiveX Control which can be exploited remotely in Internet Explorer. The vulnerability advisory states that Microsoft is aware that attackers are trying to exploit the vulnerability. Internet Explorer users are therefor advised to fix the vulnerability as soon as possible to prevent possible attacks on their computer system.

The security vulnerability affects only Windows XP and Windows Server 2003 systems. Computer systems running Windows Vista, Windows Server 2008 or Windows 7 are not affected because “the ability to pass data to this control within Internet Explorer” is restricted in these operating systems.

A successful attack will give the attacker the same user rights as the currently logged in user. Microsoft has issued a workaround for the Internet Explorer vulnerability that can be applied manually or using Microsoft Fix It.

The fastest way to patch the security vulnerability is to use the Microsoft Fix It script that will perform all the actions of the workaround automatically. The fix will basically remove support for the ActiveX Control in Internet Explorer. This should not have any impact on the web browser’s functionality according to Microsoft.

Tags: internet explorer patch, internet explorer vulnerability, internet-explorer, microsoft fix it, microsoft video activex control, security advisory, windows server 2003, windows-xp

Internet Explorer 8 And 64-bit Windows Fixes

Martin — Wed, 01 Apr 2009 14:43:41 +0000

Microsoft’s new web browser Internet Explorer 8 has been released about two weeks ago and received more praise than criticism since then. Two non security related fixes were released today by Microsoft for Internet Explorer 8. The first fix deals with a problem encountered when running the web browser in the 64-bit edition of Windows Vista. A system administrator that wants to prevent users from working with Internet Explorer 8 can clear the “Enable access to this program” check box in the “Set Program Access and Computer Defaults”. This should disable access to Internet Explorer on the computer system.

While this works as intended in the 32-bit edition of Windows Vista it does not in the 64-bit edition as it is still possible for users to access Internet Explorer from the Windows start menu. The hotfix corrects the issue so that the function is working as intended on 64-bit editions of Windows Vista as well.

The second problem affects the 64-bit editions of Windows Vista, Windows Server 2003 and Windows Server 2008. Microsoft describes the problem the following way:

The Image Delivery server that runs the 64-bit version of Windows Server 2008 or of Windows Server 2003 stops delivering images when you deploy an operating system by using an image-based installation method

The hotfix can also be downloaded directly by visiting the Microsoft Knowledge Base article.

Tags: ie8, internet explorer 8, internet explorer fix, internet explorer patch, microsoft, microsoft hotfix, windows hotfixes, windows patch, windows server 2003, windows server 2008, windows-vista

gHacks technology news » internet explorer patch

Microsoft Internet Explorer Security Update

Related posts

Internet Explorer Vulnerability Fix

Related posts

Internet Explorer 8 And 64-bit Windows Fixes

Related posts