Microsoft fixes 8 IE holes, including one used in attacks

Microsoft on Thursday issued a cumulative critical patch for Internet Explorer that fixes eight vulnerabilities, including a hole targeted in the China-based attacks on Google and other U.S. companies.

The security update is rated critical for all supported releases of IE 5, 6, 7, and 8, according to the advisory. The more severe vulnerabilities could allow remote code execution if a user views a malicious Web page using IE, it said.

This IE security update was already planned for release on the next scheduled Patch Tuesday (February 9), Jerry Bryant, senior security program manager at Microsoft, said in a blog post.

“When the attack discussed in Security Advisory 979352 was first brought to our attention on January 11, we quickly released an advisory for customers two days later,” he writes. “As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September.”

Installing the IE update addresses the vulnerability across all applications, even those using the same dynamic link library and which allow active scripting–which were discovered to be possible attack vectors, he said.

Microsoft also scheduled a Webcast to discuss the bulletin for 1 p.m. PST.

Read more: news.cnet.com

Conclusion

This software provides valuable functionality for users. Whether for personal or professional use, it delivers on its core promises. Regular updates and active development ensure continued relevance. User satisfaction and community support demonstrate its value.

Final Thoughts

Based on its features and performance, this software is worth considering. Evaluate your specific needs and whether this solution addresses them. Try it yourself to determine if it’s the right fit for your requirements.