Microsoft Patches Windows Flaws, But Not Internet Explorer
Microsoft released security updates yesterday (Jan. 11) to fix three flaws in its Windows operating system, one of which was marked critical. However, bugs in Internet Explorer still remain unpatched.
The critical security update tackles two vulnerabilities in all versions of Windows that could allow an attacker to take complete control over a user's system by tricking the user into viewing a compromised Web page. The second update addresses a flaw in Windows Vista.
Interestingly, although security flaws have been present in its popular Internet Explorer browser since December, Microsoft did not roll out an IE update in this month's fix. Nor did the company patch a serious flaw in its Graphics Rendering Engine that was discovered Jan. 4.
However, Microsoft is closely monitoring both flaws. On its TechNet blog, the company said that it will update or issue advisories if the threat landscape changes.
For now, Microsoft is urging IE users to stay safe by downloading the Enhanced Mitigation Experience Toolkit, which can detect and block browser attacks. It is available for download at www.microsoft.com.
- How to Survive a Hard Drive Crash or Laptop Theft
- Security and Privacy Software Reviews
- The Future of Internet Passwords