We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Microsoft glitches hamper critical fixes

You know that patches are essential, but the download/install/reboot cycle gets old fast. And it doesn't help when the patches themselves have problems, as some from Microsoft recently did.

Take the latest cumulative update for Internet Explorer. Two of its corrections sealed significant holes in IE 7.0 for both Vista and XP, starting with COM objects (precursors to ActiveX controls). Viewing a site with a poisoned COM object could allow an attacker to take control of your system, although you would have to okay an IE 7.0 dialog box first.

The second flaw exists in an internal IE function, the property method. An attacker could target the flaw with a specially-crafted web page and hit you with a drive-by download.

The same cumulative update addressed four crucial issues with ActiveX and Active Scripting in IE 6 on Windows XP SP2. When you factor in fixes for critical flaws in IE 5.01 and 6.0 on Windows 2000 SP4, as well as in IE 6.0 on Windows XP SP1, get the patch here if you haven't already received it through Automatic Updates.

See also:

Broken Internet Explorer

Office fix delayed

ActiveX flaw

Trillian IRC hole

Winamp fix

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model