Home >> Internet >> Patches released by Microsoft to fix Zero-day vulnerability in Internet explorer

Patches released by Microsoft to fix Zero-day vulnerability in Internet explorer


Microsoft released eight patches on Tuesday which fixes 19 different vulnerabilities in Microsoft software in Internet Explorer, Hyper-V, the Graphics Device Interface, Microsoft Office and others. FireEye which found the zero-day vulnerability in Internet Explorer during the weekend has also been fixed.

Microsoft_patch_tuesday

<

Experts mentioned that the most important patches during the release are the Internet Explorer patch [MS13-088], GDI [MS13-089] and the zero-day issue in ActiveX control which caused problems to several versions of Internet Explorer [Ms13-090].

Microsoft security experts had a busy week after FireEye, a security firm disclosed about the serious threats in Internet Explorer and also they had knowledge that the ActiveX Control Patch [MS13-090] would fix the flaw in InformationCardSignInhelper. making use of the bug, Hackers used a watering-hole-style attack and the exploit code appeared on text-sharing site Pastebin making the flaw a serious threat.

Two bugs that disclosed information and eight issues that caused memory corruption  was also fixed by a patch [MS13-088]. These flaws were exploited by attackers in such away that made users view a page to create a drive-by-download attack, said Maiffret.

experts termed the patch “straightfowward” as the fixes were more focused towards Internet Explorer, Windows  and Office components. “There was nothing esoteric or difficult to patch,” said Barrett.

Wolfgang Kandek, CTO of Qualys said, “Overall, while it is only a medium-sized patch Tuesday, pay special attention to the two 0-days and Internet explorer update. Bowsers continue to be the favorite target for attackers and Internet Explorer, with its leading market share is one of the most visible and likely targets.”

[Via]


About John W Arthur

john@thenextdigit.com'
John is the head of our IT Security team and he writes about Security, IT news on The Next Digit. He was the Employee of the Year 2013 for his selfless support and efficiently setting up the whole security infrastructure. He also occasionally writes on "IT Sec Pro" Print Media of Sweden. All posts by John

Fatal error: Uncaught Exception: 12: REST API is deprecated for versions v2.1 and higher (12) thrown in /home/nitin198/public_html/wp-content/plugins/seo-facebook-comments/facebook/base_facebook.php on line 1273