Microsoft has released 31 security fixes as part of its Patch Tuesday software update. These cover major products including Windows and Internet Explorer, as well as the firm's .NET Framework and Forefront Protection for Exchange. Four of the updates are marked as critical and three as important.
Dustin Childs, group manager for Microsoft’s Trustworthy Computing division, gave some more information in a blog post about the nature of the fixes, explaining that the issues with Internet Explorer were widespread.
“This cumulative update addresses one public and 23 privately disclosed issues in Internet Explorer,” he wrote. “An attacker who successfully exploited the most severe of these issues could execute code at the level of the logged-on user. Customers who deploy this update will be protected from that scenario.”
Ross Barrett, senior manager of security engineering at Rapid7, said the fixes for Internet Explorer had only just been included at the last minute, as it was not mentioned in last week’s advanced notice of the fixes.
“I talked this over with some folks in the know, and the message is that something (in the Internet Explorer patch) came in just under the wire, in terms of testing completeness on Microsoft’s side,” he said.
“Due to the criticality of it, they bent their schedule in favour of customer security to get the patch out sooner.”
Microsoft has also released a video detailing some more information about the latest Patch Tuesday fixes, as the firm urged IT teams to ensure they roll out the updates quickly.
Claims to have "the most competitive logic density" in the industry
Dell's high-end mobile workstations upgraded with Intel Coffee Lake CPUs
Webstresser admins were also arrested in the UK, Croatia, Canada and Serbia
Security firm claims that 117,638 sites out of 135,035 analysed contain serious security flaws