SUBSCRIBE TO TMCnet
TMCnet - World's Largest Communications and Technology Community
 
| More

Microsoft - FEATURED ARTICLES

February 15, 2012

Microsoft News - Microsoft Releases 'Critical' Patch for Internet Explorer

By Ed Silverstein, TMCnet Contributor

Microsoft (News - Alert) is urging users of Internet Explorer (IE) to apply its new security patch to prevent attacks from hackers.


This week, Microsoft released a “high-priority” IE update – MS12-010, according to a recent bulletin from the company. The February “Patch Tuesday” remedies some 21 vulnerabilities in Windows and Microsoft.

The update was described as “critical” by the company for IE 7, IE 8, and IE 9 on Windows, Microsoft said. The security update was also rated “moderate” for IE 6.The company added some of the vulnerabilities could lead to “remote code execution” if users view certain web pages via IE.

In addition, Microsoft is telling users to follow MS12-013, which is a “critical bulletin” to fix “a flaw that could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment.”

“If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system,” Microsoft warned in Tuesday’s bulletin.

Also, ZDNet called the vulnerabilities “dangerous” in its blog post. However, Microsoft pointed out that most users use automatic updates and that would mean the update was downloaded and installed automatically.

Jim Walter, manager of McAfee's (News - Alert) threat intelligence service, recommended that system administrators install the patches immediately. “The Internet Explorer bulletin should be considered a top priority, as there is a risk of code execution attacks,” Walter told v3.co.uk. “If not attended to, browser exploits can be particularly harmful.”

“Six of the patches this month are marked as critical, the most we've seen in a while,” Joshua Talbot, security intelligence manager at Symantec (News - Alert) Security Response, told CIO Today. “While all these vulnerabilities should be patched as soon as possible, we recommend paying particular attention to the HTML Layout vulnerability and the GDI Access Violation vulnerability, both of which allow for remote Relevant Products/Services code execution.”



Ed Silverstein is a TMCnet contributor. To read more of his articles, please visit his columnist page.

Edited by Jennifer Russell




comments powered by Disqus






Technology Marketing Corporation

800 Connecticut Ave, 1st Floor East, Norwalk, CT 06854 USA
Ph: 800-243-6002, 203-852-6800
Fx: 203-866-3326

General comments: tmc@tmcnet.com.
Comments about this site: webmaster@tmcnet.com.

STAY CURRENT YOUR WAY

© 2014 Technology Marketing Corporation. All rights reserved | Privacy Policy