Welcome to WebmasterWorld Guest from 54.167.71.219

Forum Moderators: bill

Message Too Old, No Replies

Microsoft to rush out emergency IE patch

patches for Internet Explorer and for Visual Studio

     
6:51 am on Jul 25, 2009 (gmt 0)

Moderator from US 

WebmasterWorld Administrator robert_charlton is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 11, 2000
posts:11314
votes: 165


Microsoft to rush out emergency IE patch [computerworld.com]
Computerworld
July 24, 2009

In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.

The two security bulletins will address one overall issue and are being released separately "to provide the broadest protections possible to customers," Microsoft said in a statement....

7:50 am on July 25, 2009 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:Oct 12, 2000
posts:14483
votes: 49


I found this part interesting at the end of the article:
Microsoft didn't give a reason for the rushed update but it may be trying to stay ahead of any public disclosure at next week's Black Hat security conference in Las Vegas.
1:48 pm on July 25, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


It's really been a bad month for browser security. As of today, we have unpatched vulnerabilities in Sun Java JRE 6U14, Adobe Reader 9 and Flash Player 10, IE8, and SeaMonkey/1.1.17 (formerly Mozilla Suite).

Jim

3:45 am on July 26, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:July 29, 2007
posts:1528
votes: 9


My IE is set to connect over LAN and resolved to ip 0.0.0.0 which completely disables it, that's not changing anytime soon. This is getting ridiculous in its regularity.
1:43 am on July 27, 2009 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:Oct 12, 2000
posts:14483
votes: 49


My IE is set to connect over LAN and resolved to ip 0.0.0.0 which completely disables it

JS_Harris I've seen you mention this in various posts for several months now. I just wanted to point out to members that you shouldn't do this unless you know what you're doing. This sort of setting can stop the updates of multiple software packages that use IE's settings to connect to the Internet.
10:32 am on July 27, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 2, 2003
posts:3710
votes: 0


My IE is set to connect over LAN and resolved to ip 0.0.0.0 which completely disables it

I'm going to be blunt...

Disabling Internet Explorer by messing with its connection settings is utterly pointless.

  1. Internet Explorer vulnerabilities affect Internet Explorer only - if you don't use Internet Explorer then these vulnerabilities do not affect you in any way.
  2. As other have pointed out, this will break other legitimate applications that use these settings.
  3. Use of these settings by other applications does NOT make them vulnerable.
  4. Malware is unlikely to use these settings so disabling IE in this way is unlikely to protect you from any malware that is already present on your computer.

Kaled.

1:51 am on July 28, 2009 (gmt 0)

New User

10+ Year Member

joined:Apr 6, 2005
posts:10
votes: 0


Ah crap! I just realized I'm reading these posts on IE8 now. Son of a @#$%&!
1:17 am on July 29, 2009 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:Oct 12, 2000
posts:14483
votes: 49


The patches are available for me now from Japan. They should have the other markets available as well.
3:38 am on July 29, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member tedster is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:May 26, 2000
posts:37301
votes: 0


Yes - the IE blog confirms [blogs.msdn.com] that the update is now available.