Welcome to WebmasterWorld Guest from 54.166.172.33

This page requires javascript to function properly. It seems that your browser does not have Javascript enabled. Please enable Javascript and press the Reload/Refresh button on your browser.

Forum Moderators: bill

Message Too Old, No Replies

Microsoft to rush out emergency IE patch

patches for Internet Explorer and for Visual Studio

Moderator from US

robert_charlton is a WebmasterWorld Top Contributor of All Time

joined:Nov 11, 2000
posts:12063
votes: 326

Microsoft to rush out emergency IE patch [computerworld.com]
Computerworld
July 24, 2009

In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.
The two security bulletins will address one overall issue and are being released separately "to provide the broadest protections possible to customers," Microsoft said in a statement....

Administrator from JP

bill is a WebmasterWorld Top Contributor of All Time

joined:Oct 12, 2000
posts:15075
votes: 142

I found this part interesting at the end of the article:

Microsoft didn't give a reason for the rushed update but it may be trying to stay ahead of any public disclosure at next week's Black Hat security conference in Las Vegas.

Senior Member

jdmorgan is a WebmasterWorld Top Contributor of All Time

joined:Mar 31, 2002
posts:25430
votes: 0

It's really been a bad month for browser security. As of today, we have unpatched vulnerabilities in Sun Java JRE 6U14, Adobe Reader 9 and Flash Player 10, IE8, and SeaMonkey/1.1.17 (formerly Mozilla Suite).

Jim

JS_Harris

3:45 am on July 26, 2009 (gmt 0)

Senior Member

joined:July 29, 2007
posts:1780
votes: 100

My IE is set to connect over LAN and resolved to ip 0.0.0.0 which completely disables it, that's not changing anytime soon. This is getting ridiculous in its regularity.

bill

1:43 am on July 27, 2009 (gmt 0)

Administrator from JP

joined:Oct 12, 2000
posts:15075
votes: 142

My IE is set to connect over LAN and resolved to ip 0.0.0.0 which completely disables it

JS_Harris I've seen you mention this in various posts for several months now. I just wanted to point out to members that you shouldn't do this unless you know what you're doing. This sort of setting can stop the updates of multiple software packages that use IE's settings to connect to the Internet.

kaled

10:32 am on July 27, 2009 (gmt 0)

Senior Member

kaled is a WebmasterWorld Top Contributor of All Time

joined:Mar 2, 2003
posts:3710
votes: 0

My IE is set to connect over LAN and resolved to ip 0.0.0.0 which completely disables it

I'm going to be blunt...

Disabling Internet Explorer by messing with its connection settings is utterly pointless.

Internet Explorer vulnerabilities affect Internet Explorer only - if you don't use Internet Explorer then these vulnerabilities do not affect you in any way.
As other have pointed out, this will break other legitimate applications that use these settings.
Use of these settings by other applications does NOT make them vulnerable.
Malware is unlikely to use these settings so disabling IE in this way is unlikely to protect you from any malware that is already present on your computer.

Kaled.