Feeds

TIME TRAVELLERS needed to secure Windows 7

June's IE 11 patch depends on unrelated April update

Top 5 reasons to deploy VMware with Tegile

Microsoft has forced Windows 7 users to apply an April update in order to receive June's patches for its Internet Explorer 11 browser.

The demand does not affect users of earlier versions of its flagship browser or operating system.

Microsoft did not provide reasons for the move but it appeared to have simplified its patching process since updates need only to be crafted for the latest incarnation of the latest browser version.

In order to receive June's monster critical update (MS14-035) and all future IE 11 patches, users would need to speed up testing of April fix MS14-18, which addressed handling of objects in memory, KB2919355, or
KB2929437, Microsoft said in a support document.

The latest fix, released June 10, addressed 59 security vulnerabilities in Internet Explorer the most severe of which could allow remote code execution when users pointed their browsers to specially crafted web sites.

"These vulnerabilities by themselves do not allow arbitrary code to be run. However, these vulnerabilities could be used in conjunction with another vulnerability (e.g., a remote code execution vulnerability) that could take advantage of the elevated privileges when running arbitrary code," Microsoft said in a MS14-035 advisory.

"In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit these vulnerabilities.

"For example, an attacker could trick users into clicking a link that takes them to the attacker's site."

Users running IE 11 would miss out on browser fixes without update 2919355 for Windows 8.1 or Windows Server 2012 R2, or update 2929437 for Windows 7 Service Pack 1 or Windows Server 2008 R2 Service Pack 1.

Users with automatic updates activated would not feel the affects of the new demand unless those updates had quietly failed leaving them exposed. ®

Beginner's guide to SSL certificates

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.