Microsoft Internet Explorer Security Update

Martin Brinkmann
Jul 28, 2009
Updated • Dec 9, 2014
Security
|
4

Microsoft has released a critical security fix for its Internet Explorer web browsers.

The vulnerability, actually its more than one that is patched by the cumulative update, affect most Internet Explorer versions still in use by users worldwide including Internet Explorer 6, Internet Explorer 7 and the latest version Internet Explorer 8.

The vulnerability does only affect Internet Explorer versions running on Windows operating systems. The most popular Microsoft operating systems are all affected including Windows XP, Windows Vista and even the soon to be released Windows 7.

This security update is being released out of band in conjunction with Microsoft Security Bulletin MS09-035, which describes vulnerabilities in those components and controls that have been developed using vulnerable versions of the Microsoft Active Template Library (ATL). As a defense-in-depth measure, this Internet Explorer security update helps mitigate known attack vectors within Internet Explorer for those components and controls that have been developed with vulnerable versions of ATL as described in Microsoft Security Advisory (973882) and Microsoft Security Bulletin MS09-035.

This security update also resolves three privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1, running on supported editions of Microsoft Windows 2000; Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 running on supported editions of Windows XP; Critical for Internet Explorer 7 and Internet Explorer 8 running on supported editions of Windows Vista; Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 running on supported editions of Windows Server 2003; and Moderate for Internet Explorer 7 and Internet Explorer 8 running on supported editions of Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.

Windows users should make sure to download the security update as soon as possible. It is available at the usual sources including automatic updates, Windows Update or Microsoft Update.

Advertisement

Previous Post: «
Next Post: «

Comments

  1. surya said on October 31, 2010 at 11:21 am
    Reply

    good

  2. paulus said on July 29, 2009 at 1:01 am
    Reply

    Thanks Martin for this perfect on time notification from this update from Microsoft and more than great readable and detailed, article from you hand. Please keep up the good work.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.