Acting quickly (that is within 4 days or so), Microsoft has released a patch for all versions of Internet Explorer, which would fix the zero day security vulnerability disclosed last week. What is more is Microsoft has fixed the flaw for even Windows XP users. The links at the end of the post.
On Thursday (USA time) Dustin Childs wrote in a Microsoft blog ‘We have made the decision to issue a security update for Windows XP users. (though) Windows XP is no longer supported by Microsoft,..’ [italic emphasis mine]
The flaw affected Internet Explorer (IE) versions 6 to 11 and Microsoft said it was aware of "limited, targeted attacks" to exploit it. Microsoft said that hackers could exploit the flaw by hosting a "specially crafted website" designed to exploit the vulnerability. If users visited the website, hackers could use it to gain access to their computer and get the same rights as the machine's use, however, hackers would have needed to convince users to view and interact with the website, and would have had "no way to force users" to view the content otherwise.
On 1st May (night per India time), Microsoft released an out-of-band security bulletin for May 1, 2014. Microsoft Security Bulletin MS14-021 is a Critical update and should be installed immediately by all users of any version of Internet Explorer.
By user, they mean anyone who has any version of Internet Explorer installed in the PC.
:-D
Microsoft Security Bulletin MS14-021, contains the Security Update for Internet Explorer (2965111), and is rated Critical for Internet Explorer 6 (IE 6), Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients (normal users).
There is only one version of update is for IE6 to IE10 - KB2964358.
But there are 2 versions for IE 11 on Windows 7 - KB2964358 or KB2964444, depending on whether KB 2929437 update is installed or not.
Similarly, for Windows 8/8.1 - there is KB2964358 or KB2964444, depending on whether KB 2919355 update is installed or not.
You can read more, and download patches at: https://technet.microsoft.com/library/security/ms14-021
On Thursday (USA time) Dustin Childs wrote in a Microsoft blog ‘We have made the decision to issue a security update for Windows XP users. (though) Windows XP is no longer supported by Microsoft,..’ [italic emphasis mine]
The flaw affected Internet Explorer (IE) versions 6 to 11 and Microsoft said it was aware of "limited, targeted attacks" to exploit it. Microsoft said that hackers could exploit the flaw by hosting a "specially crafted website" designed to exploit the vulnerability. If users visited the website, hackers could use it to gain access to their computer and get the same rights as the machine's use, however, hackers would have needed to convince users to view and interact with the website, and would have had "no way to force users" to view the content otherwise.
On 1st May (night per India time), Microsoft released an out-of-band security bulletin for May 1, 2014. Microsoft Security Bulletin MS14-021 is a Critical update and should be installed immediately by all users of any version of Internet Explorer.
By user, they mean anyone who has any version of Internet Explorer installed in the PC.
:-D
Microsoft Security Bulletin MS14-021, contains the Security Update for Internet Explorer (2965111), and is rated Critical for Internet Explorer 6 (IE 6), Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients (normal users).
There is only one version of update is for IE6 to IE10 - KB2964358.
But there are 2 versions for IE 11 on Windows 7 - KB2964358 or KB2964444, depending on whether KB 2929437 update is installed or not.
Similarly, for Windows 8/8.1 - there is KB2964358 or KB2964444, depending on whether KB 2919355 update is installed or not.
You can read more, and download patches at: https://technet.microsoft.com/library/security/ms14-021
No comments:
Post a Comment