Skip to main content

Microsoft’s January security update neglects patch for IE zero-day vulnerability

Image used with permission by copyright holder

Following normal routine, Microsoft gave advance notice on Thursday of the seven security updates being released this coming Patch Tuesday, including one rated critical for protecting Windows 8 and Windows RT. All in all, the bundle will address 12 different vulnerabilities. Yet conspicuously missing – as security experts were quick to point out – was a fix for an Internet Explorer zero-day exploit that has recently been plaguing users of IE6, IE7, and IE8.

Although the IE vulnerability alarmed Microsoft enough to issue a security advisory about it last Saturday, the company has since downplayed its seriousness, claiming it affected only a limited number of customers. However, it compromised several websites, including those of Capstone Turbine, a gas turbine manufacturer, and the Council on Foreign Relations, a foreign-policy think tank. When hacked, these websites became unsafe for visitors using IE6, IE7, and IE8, installing unwanted malware on users’ computers and attempting to steal personal data.

Recommended Videos

Fortunately, there remains a number of solutions for the IE zero-day vulnerability. Newer versions of Internet Explorer do not share this security weakness, so Microsoft is encouraging users to upgrade to IE9 or IE10 if possible. Unfortunately, those running Windows XP or earlier Windows operating systems are unable to upgrade to IE9 and IE10.

Image used with permission by copyright holder

For these customers, Microsoft has provided a single-click “Fix it” workaround that will take care of the security vulnerability. Finally, if users see a major increase in the number of attacks exploiting this vulnerability, Microsoft may release a special “out-of-band,” or off-schedule, security update prior to its next Patch Tuesday, which isn’t set to take place until February 12. Of course, you can always try out the latest version of Chrome in the meantime. 

Mika Turim-Nygren
Former Digital Trends Contributor
Mika Turim-Nygren writes about technology, travel, and culture. She is a PhD student in American literature at the University…
Snap up this Lenovo 23.8-inch monitor deal and gain more screen space
The Lenovo ThinkVision 23.8-inch monitor on a white background.

For great monitor deals, check out what Lenovo has to offer. Today, you can buy the Lenovo ThinkVision 23.8-inch monitor for $299. It’s a well-designed monitor with some great features for anyone looking to expand their working environment for less. Here’s what it has to offer and why you might want to buy it.

Why you should buy the Lenovo ThinkVision 23.8-inch monitor
Lenovo isn’t a name you’ll see among the best monitors, but don’t let that put you off -- Lenovo is a reliable brand. With the Lenovo ThinkVision 23.8-inch monitor, you get a 23.8-inch full HD IPS panel that provides a wide color gamut of 99% sRGB. That means fantastic color accuracy even from wide angles. The monitor also has a 3-side NearEdgeless bezel design, so there are fewer distractions, and it looks good while taking up less room.

Read more
Nvidia’s RTX 5090 struggles to run Cyberpunk 2077 at 30 fps
Nvidia's RTX 5090 sitting at CES 2025.

Nvidia makes some of the best graphics cards, but Deep Learning Super Sampling (DLSS) is an increasingly big part of what makes them great. This can be seen very clearly in a new RTX 5090 gaming test, in which the behemoth flagship couldn't even maintain an average of 30 frames per second (fps) in Cyberpunk 2077 at maximum settings when DLSS was toggled off.

YouTuber PC Centric got to take the RTX 5090 for a quick spin at CES 2025, and while the GPU breezed through 4K gameplay at max settings with path tracing enabled, this was only true with DLSS in the picture.

Read more
AMD flagship GPUs to make a comeback with RDNA successor
AMD Radeon RX 7900 XTX hovers over a raging fire.

A recent leak on the Chiphell forums has revealed AMD's ambitious plans for its upcoming CPU and GPU architectures. According to a post by forum member zhangzhonghao, AMD is preparing to utilize TSMC’s cutting-edge N3E process node for its next-generation Radeon GPUs and potentially for some of its future CPUs.

The leak highlights the development of GPUs based on the new UDNA architecture, which will succeed the current RDNA. These GPUs are expected to include a flagship model capable of competing with Nvidia’s top-tier GeForce RTX cards, addressing the lack of a high-end option in AMD’s current RDNA 4 lineup.

Read more