ID: IRCNE2013081917
Date: 2013-08-13
According to “InternetNews”, Microsoft has issued its advanced notification for the upcoming Patch Tuesday update cycle, set to be released on Aug. 13.
This month, Microsoft is set to issue eight new security bulletins, three of which are rated as being Critical (the highest rating of severity for a Microsoft bulletin). Paul Henry, security and forensics analyst at Lumension, noted that at this time last year there were 35 total critical bulletins issued for the year-to-date. In contrast for the year-to-date in 2013, the number of critical bulletins has declined to 25.
Of those three bulletins rated critical in the upcoming August 2013 Patch Tuesday update, one in particular has my interest. Once again, Microsoft is patching its often attacked Internet Explorer Web browser.
In the July Patch Tuesday update, Microsoft addressed a zero-day flaw alongside 17 additional vulnerabilities in IE. That's on top of 19 flaws in IE that Microsoft patched in June. In May there was another 12 IE security issues patched in that month's Patch Tuesday.
So just doing the simple math, over the last 90 days, Microsoft has already issued fixes for at least 48 flaws in IE.
On the positive side of this there have not been 48 zero-day flaws in IE that have been publicly exploited over the last 90 days. Most of the flaws are responsibly disclosed and Microsoft is responsibly handling fixing flaws too.
- 2