With security patches

Aug 13, 2008 10:13 GMT  ·  By

The first Beta build of Internet Explorer 8 was made available for download at the start of March 2008, with bits going live following the MIX08 keynote address by Dean Hachamovitch, Microsoft General Manager. With Beta 2 cooking, as the baking time will run out by the end of this month, the Redmond giant continues to focus on the IE8 Beta 1 release for developers. With the availability of Beta 2 just around the corner, Internet Explorer 8 Beta 1 got updated for Windows XP Service Pack 3, Windows Vista Service Pack 1, but also Windows Server 2008 and Windows Server 2003. A total of 8 updates can be grabbed from the Microsoft Download Center for IE8 Beta 1, in accordance with the 32-bit and 64-bit versions of the Windows client and server operating systems.

As an integral part of the monthly patch cycle, Microsoft offers the IE Cumulative Security Update. The August 2008 release of the security bulletin focuses on IE5, IE6, IE7 and also IE8, even if the latter is still nothing more than a development milestone.

"The IE Cumulative Security Update for August 2008 is now available via Windows Update. Alternatively, you can receive this and all other Microsoft updates via the new Microsoft Update. I encourage you to upgrade to Microsoft Update if you haven't already to ensure that you receive the latest updates for all Microsoft products. This update addresses six remote code execution vulnerabilities. The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles the error resulting in the exploitable condition," stated Terry McCoy, program manager, Internet Explorer Security.

According to the Microsoft Security Bulletin MS08-045 - Critical Cumulative Security Update for Internet Explorer (953838), out of the six security holes identified no less than five were privately reported to the Redmond giant, while details for the remaining one had been available in the wild. Despite the fact that IE8 is understandably pushed to the background as it is a Beta build, the August 2008 cumulative security update for IE is also designed to patch the successor of IE7.

"This security update is rated Critical for all supported versions of Internet Explorer. This security update is also available for Internet Explorer 8 Beta 1 for Developers on Windows Update. IE security updates are cumulative and contain all previously released updates for each version of Internet Explorer," McCoy added.

The security issues patched with this month's release of security bulletins for Internet Explorer are: HTML Objects Memory Corruption Vulnerability - CVE-2008-2254; HTML Objects Memory Corruption Vulnerability - CVE-2008-2255; Uninitialized Memory Corruption Vulnerability - CVE-2008-2256; HTML Objects Memory Corruption Vulnerability - CVE-2008-2257; HTML Objects Memory Corruption Vulnerability - CVE-2008-2258; and HTML Component Handling Vulnerability - CVE-2008-2259.

- Cumulative Security Update for Internet Explorer 8 Beta 1 in Windows Vista (KB953838) - Cumulative Security Update for Internet Explorer 8 Beta 1 in Windows Vista x64 Edition (KB953838)

- Cumulative Security Update for Internet Explorer 8 Beta 1 for Windows XP (KB953838) - Cumulative Security Update for Internet Explorer 8 Beta 1 for Windows XP x64 Edition (KB953838)

- Cumulative Security Update for Internet Explorer 8 Beta 1 for Windows Server 2003 (KB953838) - Cumulative Security Update for Internet Explorer 8 Beta 1 for Windows Server 2003 x64 Edition (KB953838)

- Cumulative Security Update for Internet Explorer 8 Beta 1 in Windows Server 2008 (KB953838) - Cumulative Security Update for Internet Explorer 8 Beta 1 for Windows Server 2008 x64 Edition (KB953838)