14 DAY TRIAL // Microsoft has recently announced that it would patch the recently-found Internet Explorer flaw in just a few hours, as part of the Patch Tuesday cycle comprising several other fixes.
The new vulnerability, which affects an Internet Explorer ActiveX Control that makes users’ computers open to attacks, is said to be fixed as part of Bulletin 3, which will be released as MS13-090.
“Customers who have Automatic Updates enabled will not need to take any action to receive the update,” Microsoft explained.
“As a best practice, we always encourage customers to follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. We also encourage customers to exercise caution when visiting websites and avoid clicking suspicious links or opening email messages from unfamiliar senders.”
Security company FireEye Labs revealed a couple of days ago that a security flaw in Internet Explorer exposes Windows XP and Windows 7 users once they load a compromised website distributing malware.
FireEye identified two different vulnerabilities, including an information disclosure bug and a memory access flaw, both of which are supposed to help an attacker gain the same rights as the logged on user.
As part of this month’s Patch Tuesday cycle, Microsoft will launch a total of eight security bulletins, three of which are rated as critical and are expected to fix flaws in Windows and Internet Explorer.
The rest of the five security bulletins are labeled as important and are aimed at some other glitches in Windows and Office.
As usual, Microsoft hasn’t provided any details regarding the security flaws to be patched, but more information will be released in just a few hours when the company will make all updates public. Of course, fixes will be shipped to users worldwide via Windows Update.