14 DAY TRIAL // There are no patches for Internet Explorer 9 in Microsoft’s latest security update release, but previous versions of the browser did get their fair share of refreshes. The June 2010 security bulletin for Internet Explorer is designed to plug no less than six security vulnerabilities, one of which has already been disclosed to the public through details published in the wild. According to Jerry Bryant, group manager, response communications, Microsoft, MS10-035, the cumulative update for Internet Explorer, is considered a top priority as far as deployments are concerned.
“The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights,” Microsoft explained.
But while IE9 will not need patching, the same is not valid for older versions of IE, and especially for IE8, which is affected by all of the six vulnerabilities patched by Microsoft. “The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles objects in memory, HTML sanitization, and cached content,” the company stated.
On June 8th, 2010, Microsoft released ten security bulletins, three of which were Critical, patching a total of 34 vulnerabilities across Windows, Office, Internet Explorer and IIS. The security bulletins are already being served to customers worldwide through Windows Update, and Microsoft advises that deployments should start as soon as possible.
“This security update is rated Critical for Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4; Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients; and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers.”
But even with six vulnerabilities patched, IE8 doesn’t even come close to Google Chrome 5.0, which was affected by 11 security flaws resolved in the latest stable release. Still, by far the winner in terms of patched vulnerabilities in June 2010 is Safari, with a total of 48 flaws.
Internet Explorer 8 (IE8) RTW is available for download here (for 32-bit and 64-bit flavors of Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008).
Google Chrome 5.0 Stable is available for download here.
Internet Explorer 9 (IE9) Platform Preview 2 is available for download here.