May's Patch Tuesday to fix two critical flaws in Internet Explorer

May's Patch Tuesday to fix two critical flaws in Internet Explorer

تاریخ ایجاد

ID: IRCNE2013051839
Date: 2013-05-11

According to “ZDNet”, next week, Microsoft will patch 33 vulnerabilities in 10 bulletins relating to Internet Explorer, with two bulletins rated "critical."
While few details are given about the security issues, today's advanced security bulletin outlined flaws in a range of other products, including Microsoft Office, .NET Framework, Microsoft Lync, and Windows Essentials.
Bulletin 1 relates to all versions of Internet Explorer 6 to 10, including Windows 8 and Windows RT devices. A patch will be released to fix issues discovered at two security conferences earlier this year.
Bulletin 2 relates to the recent Internet Explorer 8 zero-day flaw designed to target U.S. government workers. The software giant said it was "working" to have a full patch ready for a critical zero-day flaw for Internet Explorer 8, in which the company issued an emergency out-of-band "Fix It" patch on Thursday.
The other eight bulletins are considered "important."
The remaining eight patches will address flaws that range from denial-of-service errors that can cause Windows to crash, to remote code exectution issues in Microsoft Office and Lync, an elevation of privileges that would allow an attacker to gain additional rights to the affected system, and information disclosure issues relating to Windows Essentials 2011 and 2012.
According to ZDNet's Mary Jo Foley, the company has delivered 739 updates for Windows 8 and Windows RT in the nearly seven month period since the two versions were launched in October. These fixes included battery life improvements to additional driver support.
The security fixes will be released on May 14 through the usual update channels, such as Windows and Microsoft Update.


Related Topics:
Microsoft releases emergency patch for critical IE8 zero-day exploit

برچسب‌ها