In keeping with the company’s monthly patch-release tradition, Microsoft released a slew of new security updates aimed at plugging holes in multiple versions of Internet Explorer.
Microsoft rates the update as “critical” for Internet Explorer versions 6 – 11. The versions of Windows that this applies to include Windows 8.1, Windows 7, Windows Vista, Windows RT 8.1, and multiple flavors of Windows Server.
Here’s how Microsoft describes the vulnerabilities that these updates address and plug.
“The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer,” Microsoft says. “An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.”
Keep in mind that, if you’re still using Windows XP (and recent statistics indicate that many of you still do), you’re out of luck. You won’t get these patches. Microsoft ended support for Windows XP back in April of this year.
If you have automatic updating enabled in Windows, you may already have installed these patches without even knowing it. Just in case, you should do a Windows Update scan to be sure.
- Microsoft’s Windows 7 Meltdown update granted access to all data in memory
- AMD is working on fixes for the reported Ryzenfall, MasterKey vulnerabilities
- The best web browsers
- Intel decides not to patch Spectre vulnerability for older processors
- Microsoft’s latest Windows 10 patch will address Spectre Variant 2 CPU flaw