14 DAY TRIAL // Today Microsoft released security updates for all versions of Internet Explorer as part of the Patch Tuesday cycle that also brought fixes for Windows and Exchange.
As far as the company’s in-house browser is concerned, the tech giant has launched patches for basically every single version of the application currently on the market, starting with 6 and ending with 10 on both Windows 8 and Windows RT devices, such as Microsoft’s very own Surface RT tablet.
Security bulletin MS13-059 is rated as “Critical” and comes to resolve 11 privately reported vulnerabilities in Internet Explorer, the company explained in a security advisory.
“The most severe vulnerabilities could allow remote code execution if a user views a specially-crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user,” Microsoft added.
“Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”
The update is considered “Critical” for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9 and Internet Explorer 10 on Windows clients and “Moderate” for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9 and Internet Explorer 10 on Windows servers.
The patch is being delivered by Microsoft via Windows Update, so no action is required if the feature is turned on. Still, the company recommends system administrators to prioritize the deployment of this bulletin inside their organization.
“While there is no reason to believe criminals were aware of these flaws before today, they won't rest on their laurels. Anytime there is a flaw in Internet Explorer it needs to be top priority in your patch list,” Chester Wisniewski, senior security advisor at Sophos Canada, explained.