IE security hole sewn up for Patch Tuesday
It's that time of the month. Again
Microsoft is planning eight security updates next week – two critical – as part of its regular Patch Tuesday programme.
The obvious highlight of the batch is a critical update for Internet Explorer that affects all supported versions of Microsoft's ubiquitous web browser, including IE 9. The second critical update covers flaws in Microsoft .NET Framework and Microsoft Silverlight that create a possible mechanism for miscreants to inject hostile code onto vulnerable systems.
The remaining six updates address lesser Windows vulnerabilities in Microsoft Forefront and Host Integration server. All six of these updates are rated as "important" and not all of them apply to all configurations. "IT administrators will have to evaluate to what degree they affect their networks, servers and workstation," according to Wolfgang Kandek, CTO at security services firm Qualys.
As usual, more details on the flaws will emerge once Microsoft has published its patches on Tuesday. In the meantime all we have to go on is Redmond's pre-release notice here. ®
Damned if they do and damned if they don't
As usual, the first few posts excoriate Microsoft for patching security holes.
So, let me get this straight: When MS patches IE, that's bad and an opportunity to lambaste MS, but when FF, et al get patched, that's good and an opportunity to laud open source etc...
Because MS are teh evils and FireFox are all sweet and fluffy and nice, dispite being funded almost exclusively by Google.