13 April 2006 | 4,697 views

New Critical MEGApatch fixes 10 Vulnerabilities in Internet Explorer

Secure Your Website with Acunetix

Well how many does that leave unpatched? 30+ if I remember correctly from the PivX page that got taken down mysteriously.

Microsoft on Tuesday released a “critical” Internet Explorer update that fixes 10 vulnerabilities in the Web browser, including a high-profile bug that is already being used in cyberattacks.

The Redmond, Wash., software giant sent out the IE megafix as part of its monthly Patch Tuesday cycle of bulletins. In addition, Microsoft delivered two bulletins for “critical” Windows flaws, one for an “important” vulnerability in Outlook Express and one for a “moderate” bug in a component of FrontPage and SharePoint.

I think this whole Patch Tuesday is a stupid idea in itself, why can’t they release patches for critical vulnerabilities ASAP?

Some pretty scary news though eh? For normal users anyway.

Eight of the 10 vulnerabilities repaired by the IE update could be abused to gain complete control over a Windows computer running vulnerable versions of the Web browser.

Apparently they say, only one has been used…the one we talked about previously (The CreateTextRange Exploit).

According to Microsoft’s bulletin, three of the 10 vulnerabilities fixed by the update had been publicly disclosed. Only the CreateTextRange flaw was being exploited in attacks, the software maker said.

Basically you can get complete control of the machine just by getting a user to visit a maliciously built web page, good stuff!

Source: News.com





                

Recent in Exploits/Vulnerabilities:
- Royal Canadian Mounted Police Arrest Heartbleed Hacker
- Heartbleed Bug SSL Vulnerability – Everything You Need To Know
- Oracle Java Cloud Service Vulnerabilities Publicly Disclosed

Related Posts:
- 3Com’s TippingPoint Finds New IE Vulnerabilities
- Microsoft Unleashes Record Breaking Patch Tuesday – April 2011
- Microsoft Plugs 11 Serious Flaws in December Update

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 225,429 views
- AJAX: Is your application secure enough? - 118,959 views
- eEye Launches 0-Day Exploit Tracker - 84,997 views

Low-cost VPS Hosting

Comments are closed.