Welcome to WebmasterWorld Guest from 3.81.29.226

Forum Moderators: bill

Message Too Old, No Replies

Microsoft Critical Security Patches for all Versions of IE, and Edge

     
2:12 pm on Oct 14, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26445
votes: 1067


Microsoft's patch Tuesday was a critical security update for all versions of IE, along with JScript and VBScript, and Windows Shell over Remote Code Execution. Microsoft Edge browser update was classed as important, along with MS Office.

Full details of thee advisory are here.
Cumulative Security Update for Internet Explorer (3096441) [technet.microsoft.com]
Cumulative Security Update for Microsoft Edge (3096448) [technet.microsoft.com]
Security Updates for Microsoft Office to Address Remote Code Execution (3096440) [technet.microsoft.com]
Security Update for Windows Kernel to Address Elevation of Privilege (3096447) [technet.microsoft.com]
Security Update for Windows Shell to Address Remote Code Execution (3096443) [technet.microsoft.com]
Security Update for JScript and VBScript to Address Remote Code Execution (3089659) [technet.microsoft.com]
2:27 pm on Oct 14, 2015 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:7139
votes: 413


Ermm ..didn't Microsoft say that with win 10 they were no longer going to do security patches not even on a Tuesday..that win 10 security would be taken care of by rolling updates..Edge is win 10..so ..win 10 is getting security patches outside of updates..

So..one of the major reasons that Microsoft said to move to win 10.. ( better security due to security updates being incorporated into rolling automatic updates )..turns out not to be true..
3:04 pm on Oct 14, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26445
votes: 1067


Strictly speaking, it's a browser on Win 10, not actually Win 10 itself. However, yes, I would have thought it would just be updated without waiting for the regular security patch, unless the patch just happened to come through at the same time.

The RCE is a patch i'd like to see asap, and not wait for the appropriate Tuesday.
3:16 pm on Oct 14, 2015 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:7139
votes: 413


Strictly speaking, it's a browser on Win 10, not actually Win 10 itself.

Yes..sorry..that is what I meant..sometimes I forget and post in "mental shorthand speak"..
Should have said..
Edge is on win 10..so ..win 10 is getting security patches to core applications , outside of updates..
4:46 pm on Oct 14, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26445
votes: 1067


Yes, these updates to such applications should be seamless, and because browsers are forward facing the web they should be at 100% all the time, imho, especially as users are mostly indifferent to the importance of security.