Microsoft to fix critical hole in IE

Microsoft to fix critical hole in IE

Summary: In a rare move, Microsoft said it will be releasing security updates on Tuesday - for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.

SHARE:
In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.

The two security bulletins will address one overall issue and are being released separately "to provide the broadest protections possible to customers," Microsoft said in a statement.

The vulnerabilities affect Windows 2000, Windows XP, Vista, Windows Server 2003 and 2008, Internet Explorer 6, 7 and 8, Microsoft Visual Studio .NET 2003, Visual Studio 2005 and 2008 and Visual C++ 2005 and 2008, according to the security bulletin advance notification.

"While we can't go into specifics about the issue prior to release, we can say that the Visual Studio bulletin will address an issue that can affect certain types of applications," the statement said. "The Internet Explorer bulletin will provide defense-in-depth changes to Internet Explorer to help provide additional protections for the issues addressed by the Visual Studio bulletin."

"The Internet Explorer update will also address vulnerabilities rated as critical that are unrelated to the Visual Studio bulletin that were privately and responsibly reported," Microsoft said.

Customers who are current with their security updates are protected from known attacks related to the updates, the company said. The updates will be released through the Microsoft Update, Windows Update, and Windows Server Update services.

A Webcast to address customer questions is scheduled for Tuesday from 1 p.m. PDT to 2 p.m. at this site.

Microsoft typically releases security patches on a monthly basis, the second Tuesday of every month, and did not say why it is making this rare, out-of-cycle release.

This article was originally posted on CNET News.

Topics: Security, Browser, Microsoft, Software Development

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

28 comments
Log in or register to join the discussion
  • Re:to provide the broadest protections possible to customers

    Thank you microsoft!
    JMGM
    • Im happy

      that MS have made the decision to break away from their usual update model to address this [b]critical[/b] issue. What makes me unhappy is that there are other [b]Critical[/b] updates that would have waited until Tuesday?
      Parassassin
    • Thank Micro$oft for what?

      Avoiding their next lawsuit?

      lol... :D
      Wintel BSOD
      • Lawsuit?

        Is it sunny in the imaginary world you live in?
        Michael Alan Goff
        • Why not...

          They've had a [b]history[/b] over this sort of thing...

          http://news.bbc.co.uk/2/hi/business/3161752.stm

          http://news.cnet.com/2100-1001-211558.html&tag=mncol%3btxt

          http://www.technewsworld.com/story/31749.html

          Nothing "sunny" about any of that.
          Wintel BSOD
          • That's laughhable.

            If you put sensitive information into your computer and YOU don't secure it, how is it Microsoft's fault? Or are you going to say that no other Operating System has such flaws?
            Michael Alan Goff
          • I actually think it's pretty sad....

            ...that you keep making excuses for them.
            Wintel BSOD
          • It's sad that I...

            plan to take responsibility for my own mistakes and expect others to do the same? It would be like expecting to never get a virus while surfing some of the worst sites on the net. It's like never checking your car for regular maintenance because the car should just work.

            Personal responsibility, get some.
            Michael Alan Goff
          • Still making excuses for them...

            tsk...tsk..tsk... sad...

            But you go ahead and keep blaming yourself for their mistakes. If it'll make you feel better.
            Wintel BSOD
          • I forget

            Where did they put your information and destroy your ability to do anything to try to secure your computer?
            Michael Alan Goff
          • Well you keep forgetting

            Because if you don't know the answers to your own questions, I can't help you.

            Now, want a hug?

            lol... :D
            Wintel BSOD
          • my point was...

            the idea of blaming Microsoft for something that is the user's fault is REALLY low.
            Michael Alan Goff
          • M$ engaging in deceptive practices is low

            It's their track record, not mine.

            Maybe you should be asking yourself why they engage in this kind of behavior in the first place.
            Wintel BSOD
          • Deceptive practices?

            Actually, I seem to remember them saying a few things when it came to Vista. It was better than XP 9check, it is), it was the most secure OS they had come up with (check). Deceptive practices? They didn't say they their Operating System was flawless, Windows users will be the first to admit that.

            The only OS that claims to be flawless, to my knowledge, is the Mac OSX.

            What are these deceptive practices? Did they deceive you, without saying it, into believing something about their software?
            Michael Alan Goff
  • Did you see this?

    "Customers who are current with their security updates are protected from known attacks related to the updates, the company said."

    Keep auto-update turned on folks. At least for desktops...
    wolf_z
  • "Privately reported"?

    Sounds like someone learned their lesson and don't have to have their dirty laundry aired in public before they are forced to respond.
    Now THIS is responsible.
    Thank you!
    kd5auq
  • This customer broadly protects himself

    With a Mac.
    HollywoodDog
  • At Least...

    ...it won't be a day of 67 patches like Apple's Mac OS X and Safari had May 13, 2009.
    Cosmo54
    • >>;

      Did you REALLY have to put that down?
      Michael Alan Goff
  • RE: Microsoft to fix critical hole in IE

    When will it end??? Seems like EVERY update is critical!!! Why does M$ stay with their swiss cheese programming???
    1djk1