Microsoft Fixes Critical Internet Explorer Bug
August's installment of Microsoft's Patch Tuesday round of security updates has arrived, and if you use Internet Explorer, you'll want to update your software right away. Among other things, this Patch Tuesday addresses a critical IE vulnerability that could allow a malefactor to take control of your system remotely.
As detailed in a Microsoft online posting, this round addresses nine security flaws: two deemed "Critical" and the rest "Important." Critical vulnerabilities could allow remote hackers to take control of user resources without any warning, while Important vulnerabilities mean the user would at least have a chance to defend him or herself from potential intrusion.
The Critical flaw in Internet Explorer was actually 26 separate bugs, only one of which was known to the public. The most severe vulnerability involves way for hackers to gain administrative rights to user computers by luring unsuspecting users to a specially crafted webpage. The Critical flaw for Windows let a remote user gain administrative rights over a user's PC by creating a Microsoft Office document that needed to access Windows Media Center assets.
The other flaws affected programs including Office, SQL Server and .NET framework. Some of the vulnerabilities were potentially dangerous, but not nearly to the extent as the two Critical flaws.
Anyone using Windows Vista or higher can download the patches by opening Windows Update, clicking Check for Updates and following the instructions. Windows XP users may be at risk, though, since Microsoft no longer provides security updates for that operating system, and many Windows flaws persist through multiple versions.
Like most major pieces of software, Microsoft's programs are prone to security flaws of varying severity. So far, the company has done a good job of discovering and patching them before malefactors can exploit them.
Users should still take some precautions on their own, though, such as by running antivirus software and exercising caution in following links from strange emails or delving too deep into potentially dangerous websites.
Patch Tuesday happens on the second Tuesday of every month, so the next update will occur Sept. 9.
- Best Free PC Antivirus Software 2014
- Best PC Antivirus Software 2014
- 30 Best Apps for Rooted Android Phones