Microsoft to Fix two more flaws in IE

June 3rd, 2013 by admin Leave a reply »

Microsoft will patch 33 vulnerabilities in 10 bulletins relating to Internet Explorer, with two bulletins rated “critical.”

While few details are given about the security issues, today’s advanced security bulletin outlined flaws in a range of other products, including Microsoft Office, .NET Framework, Microsoft Lync, and Windows Essentials.

Bulletin 1 relates to all versions of Internet Explorer 6 to 10, including Windows 8 and Windows RT devices. A patch will be released to fix issues discovered at two security conferences earlier this year.

Bulletin 2 relates to the recent Internet Explorer 8 zero-day flaw designed to target U.S. government workers. The software giant said it was “working” to have a full patch ready for a critical zero-day flaw for Internet Explorer 8, in which the company issued an emergency out-of-band “Fix It” patches on Thursday.

The other eight bulletins are considered “important.”

The remaining eight patches will address flaws that range from denial-of-service errors that can cause Windows to crash, to remote code execution issues in Microsoft Office and Lync, an elevation of privileges that would allow an attacker to gain additional rights to the affected system, and information disclosure issues relating to Windows Essentials 2011 and 2012.

Included with the security patches, we can expect Microsoft to issue a number of non-security related fixes to its Surface Pro and Surface RT tablets, in line with previous months.

Microsoft has delivered 739 updates for Windows 8 and Windows RT in the nearly seven month period since the two versions were launched in October. These fixes included battery life improvements to additional driver support.

The security fixes will be released on May 14 through the usual update channels, such as Windows and Microsoft Update.

Microsoft is doing its best to enhance data security.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Leave a Reply