We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Microsoft plugs 'critical' IE hole

Don't wait for Windows XP service pack, apply cumulative patch now

Microsoft has issued a special cumulative patch for its Internet Explorer browser, addressing three new security holes rated "critical", including one that was used in a virus attack in July.

Patches rated critical mean that not installing the patch may lead to catastrophic damage to a PC because an attack could give a cracker complete control of that system, including the capability to reformat the hard drive, according to Microsoft.

Ordinarily, Microsoft saves up patches for a monthly release, to make it easier for customers and IT staffs. However, when the company rates a security flaw critical, it often releases the patch as soon it's ready, the better to protect users.

"It's probably better to do it this way," says Rob Enderle, principal analyst at technology analysis firm The Enderle Group. "It gives people the option of fixing [the problems right away]. They did the right thing."

Microsoft intends the patch to head off any repeats of the attack which took advantage of multiple weaknesses in Windows and Microsoft's Internet Information Server. The so-called download.ject or Scob virus tried to steal users' data or to create "zombies" for a later planned denial of service attack.

Microsoft issued a patch for one of the weaknesses as well as workarounds to block similar attacks, but it did not patch a second hole quite as quickly. This patch takes care of that one.

This latest release is a "cumulative" update, which contains all previously released security patches for IE. It fixes security flaws in all currently supported versions of Windows, from Windows 98 and Me through Windows XP. This cumulative patch and a description of the problems it solves is available from Microsoft.

IDG UK Sites

Microsoft Surface 3 UK release date, price and specs: New Surface tablet offers free upgrade to Win?......

IDG UK Sites

It's World Backup Day 2015! Don't wait another minute: back up now

IDG UK Sites

Adobe Comp CC iPad app review

IDG UK Sites

April Fool's Day pranks: play these geeky pranks on April Fools Day and fool your friends