Microsoft releases critical IE 8 patch

Microsoft Inc. is advising users of its Internet Explorer 8 to immediately apply a critical patch which it released Tuesday along with nine other fixes for the browser.

The IE 8 security bulletin MS13-038 is meant to address a vulnerability in the browser which attackers used in controlling the Web page of the United States Department of Labour earlier this month in an attempt to install malware on in the machine of site visitors.

Microsoft last week issued a temporary fix for that vulnerability.

RELATED CONTENT

Microsoft’s patch Tuesday tackles Windows 8 flaws

Users of Windows Serer 2012 were also advised by Microsoft to install MS 13-039. It is meant to fix a flaw in the Microsoft Web IIS (Internet Information Services) that could be used in a Denial of Service Attack (DoS) with the use of an HTTP (hypertext transfer protocol) jacket.

The vulnerability makes it easy launch such a DoS attack and that the method could be used by hackers as early as next week, according to some security experts.

DoS attacks are considered second or third tier risks but they could be very disruptive to an organization, said Ross Barrett, senior manager of security engineering at security firm Rapid7. He said many remote services and Active Directory integrators rely on http systems.

Another security bulletin MS 13-037 released on Patch Tuesday, deals with 11 issues that make it easy to inject malicious code into Internet Explorer from specially crafted Web pages that allow attackers to control the PC of visitors.

The remaining patches were not critical. They address bugs in Microsoft Lync, MS Publisher, Word, Visio, Windows Essential, .Net and the Windows kernel

Read the whole story here

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now