View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Microsoft plugs critical IE9 flaw

Latest Patch Tuesday also revamps Update process following Flame revelations

By Steve Evans

Microsoft has released details of July’s Patch Tuesday, which includes a fix for a critical flaw in Internet Explorer 9 that could let hackers take control of machines and install malware.

In total, Microsoft will be issuing nine bulletins, three of which are rated as critical and related to remote code execution. The remaining fixes are rated as important. The fixes cover 16 vulnerabilities and address flaws in Windows, Office, SharePoint and Office for the Mac.

The fix for IE9 is interesting, as Microsoft generally patches its browser only every two months. Another fix for IE9 was pushed out last month, suggesting Microsoft has discovered a potentially serious issue.

Perhaps most significantly however is the updates Microsoft is rolling out to the Windows Update process itself. This follows on from the revelation that the Flame virus was able to spoof a Microsoft digital certificate, fooling PCs into believing it was legitimate software and allowing it to install via Windows Update.

"Over the last few weeks, Microsoft has also been rolling out the improved version of the Windows Update client, which has improved security measures that will be used for the first time in this month’s update," said Qualys CTO Wolfgang Kandek.

"The changes are related to the Flame malware that came up with a sophisticated certificate collision attack and was able to abuse Microsoft’s update service to infect its targets," he added.

The updates will be pushed out next week so IT admins should prepare for the updates now. The critical nature of many of the updates means businesses will be at risk if the patches are not implemented.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

 

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU