Microsoft to fix critical hole in IE

Elinor Mills CNET News | July 27, 2009 4:26 AM PDT

Summary

In a rare move, Microsoft said it will be releasing security updates on Tuesday - for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.

Topics

Vulnerability, Microsoft Internet Explorer, Microsoft Corp., Microsoft Visual Studio, Microsoft Development Tools, Web Browsers, Development Tools, Software Development, Software/Web Development, Internet, Microsoft, security, Internet Explorer, patch, Elinor Mills CNET News

Vendor HotSpot

Here to help you with your Document Management Needs

Read the DocuMentor blog now

Learn More »

In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.

The two security bulletins will address one overall issue and are being released separately "to provide the broadest protections possible to customers," Microsoft said in a statement.

The vulnerabilities affect Windows 2000, Windows XP, Vista, Windows Server 2003 and 2008, Internet Explorer 6, 7 and 8, Microsoft Visual Studio .NET 2003, Visual Studio 2005 and 2008 and Visual C++ 2005 and 2008, according to the security bulletin advance notification.

"While we can't go into specifics about the issue prior to release, we can say that the Visual Studio bulletin will address an issue that can affect certain types of applications," the statement said. "The Internet Explorer bulletin will provide defense-in-depth changes to Internet Explorer to help provide additional protections for the issues addressed by the Visual Studio bulletin."

"The Internet Explorer update will also address vulnerabilities rated as critical that are unrelated to the Visual Studio bulletin that were privately and responsibly reported," Microsoft said.

Customers who are current with their security updates are protected from known attacks related to the updates, the company said. The updates will be released through the Microsoft Update, Windows Update, and Windows Server Update services.

A Webcast to address customer questions is scheduled for Tuesday from 1 p.m. PDT to 2 p.m. at this site.

Microsoft typically releases security patches on a monthly basis, the second Tuesday of every month, and did not say why it is making this rare, out-of-cycle release.

This article was originally posted on CNET News.

Talkback Most Recent of 28 Talkback(s)

Follow via:: RSS; Email Alert

Re:to provide the broadest protections possible to customers

Thank you microsoft!
JMGM
27th Jul 2009
- Reply to
- Flagged
Im happy

that MS have made the decision to break away from their usual update model to address this critical issue. What makes me unhappy is that there are other Critical updates that would have waited until Tuesday?
Parassassin
27th Jul 2009
- Reply to
- Flagged
Thank Micro$oft for what?

Avoiding their next lawsuit?

lol...
Wintel BSOD
27th Jul 2009
- Reply to
- Flagged
Lawsuit?

Is it sunny in the imaginary world you live in?
Michael Alan Goff
29th Jul 2009
- Flag
Why not...

They've had a history over this sort of thing...

http://news.bbc.co.uk/2/hi/business/3161752.stm

http://news.cnet.com/2100-1001-211558.html&tag=mncol%3btxt

http://www.technewsworld.com/story/31749.html

Nothing "sunny" about any of that.
Wintel BSOD
29th Jul 2009
- Flag
That's laughhable.

If you put sensitive information into your computer and YOU don't secure it, how is it Microsoft's fault? Or are you going to say that no other Operating System has such flaws?
Michael Alan Goff
30th Jul 2009
- Flag
I actually think it's pretty sad....

...that you keep making excuses for them.
Wintel BSOD
30th Jul 2009
- Flag
It's sad that I...

plan to take responsibility for my own mistakes and expect others to do the same? It would be like expecting to never get a virus while surfing some of the worst sites on the net. It's like never checking your car for regular maintenance because the car should just work.

Personal responsibility, get some.
Michael Alan Goff
30th Jul 2009
- Flag
Still making excuses for them...

tsk...tsk..tsk... sad...

But you go ahead and keep blaming yourself for their mistakes. If it'll make you feel better.
Wintel BSOD
31st Jul 2009
- Flag
I forget

Where did they put your information and destroy your ability to do anything to try to secure your computer?
Michael Alan Goff
31st Jul 2009
- Flag
Well you keep forgetting

Because if you don't know the answers to your own questions, I can't help you.

Now, want a hug?

lol...
Wintel BSOD
31st Jul 2009
- Flag
my point was...

the idea of blaming Microsoft for something that is the user's fault is REALLY low.
Michael Alan Goff
31st Jul 2009
- Flag
M$ engaging in deceptive practices is low

It's their track record, not mine.

Maybe you should be asking yourself why they engage in this kind of behavior in the first place.
Wintel BSOD
1st Aug 2009
- Flag
Deceptive practices?

Actually, I seem to remember them saying a few things when it came to Vista. It was better than XP 9check, it is), it was the most secure OS they had come up with (check). Deceptive practices? They didn't say they their Operating System was flawless, Windows users will be the first to admit that.

The only OS that claims to be flawless, to my knowledge, is the Mac OSX.

What are these deceptive practices? Did they deceive you, without saying it, into believing something about their software?
Michael Alan Goff
1st Aug 2009
- Flag
Did you see this?

"Customers who are current with their security updates are protected from known attacks related to the updates, the company said."

Keep auto-update turned on folks. At least for desktops...
wolf_z
27th Jul 2009
- Reply to
- Flag