Thursday 27 September 2012

Microsoft fixes critical vulnerability in Internet Explorer


On Monday, 17/09/2012, information about a previously unknown security hole in Internet Explorer were leaked to the public. A security researcher who discovered the flaw in the analysis of malware. This he had found on a server, who was allegedly under Kotrolle a Chinese Hack Group. Microsoft had subsequently on 20 September released a fix-it tool, which could be about the Internet Explorer secure provisional.

The update from Friday evening (09/21/2012) closes this vulnerability (CVE-2012-4969) final and also eliminates four more security problems. It always refers to "use after free" vulnerability in which code can be run in memory areas, after a program has this already been released. This can lead to crashes in which malicious code is started.

Microsoft provides the fix, for example, with the name "Cumulative Security Update for Internet Explorer 9 (KB2744842)" in a single file. If you have previously installed the fix-it tool, you must not remove this before the update. There are updates for all affected systems, ie Windows XP with Service Pack 3, Windows Vista Service Pack 2 and Windows 7 Server 2003, 2008 and 2008 R2 are also affected. Deliveries are made automatically through "Windows Update" if the auto-update is enabled. You can also download the update from the Microsoft Download Center. Search here for "KB2744842" and download the appropriate update for your system down.

No comments:

Post a Comment