TMCnet - World's Largest Communications and Technology Community



| More


February 15, 2012

Microsoft News - Microsoft Releases 'Critical' Patch for Internet Explorer

By Ed Silverstein, TMCnet Contributor

Microsoft (News - Alert) is urging users of Internet Explorer (IE) to apply its new security patch to prevent attacks from hackers.

This week, Microsoft released a “high-priority” IE update – MS12-010, according to a recent bulletin from the company. The February “Patch Tuesday” remedies some 21 vulnerabilities in Windows and Microsoft.

The update was described as “critical” by the company for IE 7, IE 8, and IE 9 on Windows, Microsoft said. The security update was also rated “moderate” for IE 6.The company added some of the vulnerabilities could lead to “remote code execution” if users view certain web pages via IE.

In addition, Microsoft is telling users to follow MS12-013, which is a “critical bulletin” to fix “a flaw that could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment.”

“If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system,” Microsoft warned in Tuesday’s bulletin.

Also, ZDNet called the vulnerabilities “dangerous” in its blog post. However, Microsoft pointed out that most users use automatic updates and that would mean the update was downloaded and installed automatically.

Jim Walter, manager of McAfee's (News - Alert) threat intelligence service, recommended that system administrators install the patches immediately. “The Internet Explorer bulletin should be considered a top priority, as there is a risk of code execution attacks,” Walter told “If not attended to, browser exploits can be particularly harmful.”

“Six of the patches this month are marked as critical, the most we've seen in a while,” Joshua Talbot, security intelligence manager at Symantec (News - Alert) Security Response, told CIO Today. “While all these vulnerabilities should be patched as soon as possible, we recommend paying particular attention to the HTML Layout vulnerability and the GDI Access Violation vulnerability, both of which allow for remote Relevant Products/Services code execution.”

Ed Silverstein is a TMCnet contributor. To read more of his articles, please visit his columnist page.

Edited by Jennifer Russell

comments powered by Disqus


Technology Marketing Corporation

35 Nutmeg Drive Suite 340, Trumbull, Connecticut 06611 USA
Ph: 800-243-6002, 203-852-6800
Fx: 203-866-3326

General comments:
Comments about this site:


© 2018 Technology Marketing Corporation. All rights reserved | Privacy Policy