MUST READ: Congress demands answers from Google over Glass privacy concerns

Topic: Browser

Patch Tuesday heads-up: Critical IE update among 13 bulletins

Summary: The "critical" Internet Explorer update fixes flaws that introduce remote code execution risks on all versions of Internet Explorer, including the newest IE 9.

Ryan Naraine

By for Zero Day |

Microsoft is planning a bumper Patch Tuesday for August -- 13 bulletins with patches for 22 potentially dangerous security vulnerabilities.

Two of the 13 bulletins are rated "critical," Microsoft's highest severity rating.

follow Ryan Naraine on twitter

Microsoft Windows users will want to pay special attention to the Internet Explorer bulletin because the issues can expose users to drive-by download attacks via the browser.

The update fixes flaws that introduce remote code execution risks on all versions of Internet Explorer, including the newest IE 9, according to Microsoft's advance notice.

This month’s patch batch will also supply fixes for holes in Microsoft Windows, Microsoft Office, .NET and Visual Studio.

All 13 bulletins will be released on Tuesday, August 9 at approximately  1:00 PM Eastern.

Topics: Browser, Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

39 comments
Log in or register to join the discussion

  • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

    Let me get this straight -- the update INTRODUCES risks?
    elffuts
    Reply Vote

    • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

      @elffuts
      no--it says update FIXES FLAWS that introduce remote code execution risks--the flaws are already there!
      Rainbow_722
      Reply Vote

      • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

        @Rainbow_722 Heh, I think elffuts was referring to the wording in the update email:
        The "critical" Internet Explorer update introduces remote code execution risks on all versions of Internet Explorer, including the newest IE 9.
        SenorAlejandro
        Reply Vote

      • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

        @Rainbow_722 That's what it says now, but that's not what was in the original post. They corrected it, but have yet to acknowledge that they did so.
        elffuts
        Reply Vote

    • Possibly...

      @elffuts
      It wouldn't be the first time!
      rahbm
      Reply Vote

  • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

    If the update introduces these risks, that would indeed be something ridiculous for MS to advertise. More likely the update removes the risks on an updated system.
    rsservices@...
    Reply Vote

    • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

      @rsservices@... I would certainly hope so!
      elffuts
      Reply Vote

  • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

    I read it 8 or 9 times, and it says "Introduces". I thought I was going crazy.. Yikes!
    Tsiskin
    Reply Vote

  • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

    What the heck!!! Where are they writing the code for these patches??? In China???

    Introduces or plugs remote code execution???
    allenc@...
    Reply Vote

    • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

      @allenc@...
      LMAO :D
      MrElectrifyer
      Reply Vote

  • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

    i didn`t know anything about this before this message...now everybody knows and we have to wait until the 13th...wow really clever
    DavidLP1
    Reply Vote

    • Everybody knows what?

      @DavidLP1
      What exactly does everyone know now? Please point out the details of these vulnerabilities.
      toddybottom
      Reply Vote

    • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

      @DavidLP1
      I agree. People who exploit these vulnerabilities - "drive-by download attacks " - now have until Tuesday to attack. Why supply advance info to challenge them?
      winlak
      Reply Vote

      • I'll ask you the same question

        @winlak
        What info were they supplied with that they didn't already know?
        toddybottom
        Reply Vote

  • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

    Uhhhhhh. Folks? Just bad choice of words in the headline. How about "reveals" instead of "introduces"?
    :-)
    scorpio1113
    Reply Vote

  • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

    Sent this article to friend of mine at Micrsoft tech net and he busted out laughing, he said somebody at ZDnet needs to learn to write an article the right way. We are not the threat.
    pagraves
    Reply Vote

  • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

    probably meant "reduces" remote code execution risks on all versions of Internet Explorer, including the newest IE 9, according to Microsoft?s advance notice.
    MarshalK
    Reply Vote

    • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

      @MarshalK Hopefully the patch will <b><i>eliminate</b></i> the risk, not just reduce it!
      Rodo1
      Reply Vote

  • RE: Patch Tuesday heads-up: Critical IE update among 13 bulletins

    Where's the author Ryan Naraine on all this? He wrote the article. He should be confirming or clarifying his statement NOW! Meanwhile, since the update has already ocurred I'm switching to Firefox until either Ryan or Microsoft comes out with an official position.
    ron.lee@...
    Reply Vote

  • Somebody has to have goofed!

    Instead of "introduces" or "reduces," it probably is intended to have said "mitigates" or "blocks." Introduces sounds like somebody made a BIG typo and hasn't realized it yet. I'll bet it will be updated within a few hours.
    Digirati
    Reply Vote
CNET Join | Log In | Privacy | Cookies Close