Thursday, December 10, 2009

It's time to patch IE again

Microsoft's December Patch Tuesday was a big one, and many of the patches are rated "Critical" by Microsoft.  If you browse using Internet Explorer, PATCH NOW.   Read ISC/SANS's writeup here:
December 2009 Black Tuesday Overview: Overview of the December 2009 Microsoft patches and their status.

ZDNet has a more user-friendly write-up here:
Patch Tuesday: Microsoft plugs IE 'drive-by download' security holes | Zero Day |
today shipped six bulletins with patches for a total of 12 documented
security vulnerabilities in a wide range of widely deployed software
products. Three of the six bulletins are rated “critical,” Microsoft’s
highest severity rating.

The most serious issues affect the
company’s Internet Explorer browser, including the newest IE 8 on
Windows 7.The Internet Explorer bulletin (MS09-072) covers five
documented vulnerabilities that affect all supported versions of the
browser (IE 5, 6, 7 and 8). As previously reported, there is public
exploit code available for one of the IE vulnerabilities.

No comments: