Microsoft Won’t Patch Critical IE Flaw on Tuesday

The company is still working on a fix, as new attacks are confirmed

By on January 4th, 2013 10:10 GMT

Internet Explorer is currently affected by a critical security flaw that would allow attackers to get control of a vulnerable system once the user loads a compromised website.

But even though a security update was expected to be released on this month’s Patch Tuesday cycle, Microsoft has revealed that all upcoming fixes would be aimed at other Windows software.

The company will roll out a total of seven different updates to patch bugs in 12 Microsoft products, including Microsoft Office, Windows 8, Windows 7 and Windows RT.

The problem is that, without an official security patch, the number of attacks aimed at vulnerable IE8 users is quickly growing, with security firm Avast revealing that it has managed to detect nine compromised websites.

The security flaw affects Internet Explorer 8 and older versions, so users are recommended to either upgrade to IE9 or IE10 (if that’s possible), or to deploy another browser.

Comments