Critical Windows And IE Vulnerabilities: Microsoft to Dispatch Updates; Fix For 'Zero-Day Vulnerability' on the Way
By Pavithra Rathinavel | March 11, 2014 12:23 AM EST
Windows XP is set to get its penultimate patch on Tuesday. According to the Microsoft Security Bulletin Advance Notification (March 2014), there will be a total of five updates released this week, two of them addressing "critical" vulnerabilities.
Microsoft said the "zero-day" vulnerability in Internet Explorer will be fixed in this set of updates.
What is Zero-Day Vulnerability?
PCtools said this vulnerability refers to a flaw in the software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it. This exploit is called zero day attack. Uses of zero day attacks include infiltrating malware, spyware or allowing unwanted access to user data. The term "zero day" refers to the unknown nature of the flaw to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer who must protect the users. The received vulnerability had a temporary patch from Microsoft in February, after the researchers from FireEye revealed the vulnerability was being served up in a compromise of the U.S. veteran's Web site, as reported by SCMagazine.
What Are the Updates?
According to The Inquirer, Wolfgang Kandek (CTO of security firm Qualys) said, "Priority one should be the two 'critical' patches. Bulletin one for all versions of 'Internet Explorer', starting with v6 all the way to v11 and bulletin two for 'Windows', affecting all Windows OS versions from Windows XP to Windows Server 2012, with the exception being Windows RT."
Bulletins three and four will address important but not critical vulnerabilities in Windows, and bulletin five will be for users of Silverlight on Mac and Windows.
The critical bulletin in the March Patch (Tuesday) updates the January bulletin.
To contact the editor, e-mail:
Join the Conversation
- Black Friday And Cyber Monday Sale 2014: AT&T's Cricket Wireless Offers Discounts On Lumia 1320, Galaxy S5, S4 And HTC Desire 510
- Target’s ‘Surprise Doorbusters’ Black Friday 2014 Deals On TV Sets, Entertainment Centres, DVD Players And More
- ISIS Kidnaps Iraqi Defence Minister’s Family, Executes Female Parliament Candidates
- T-Mobile’s Black Friday 2014 Deals On Apple iPhone 6, Samsung Galaxy Note 4/Edge, Nexus 6, HTC One M8, LG G3, iPad Air 2 And Mini 3
- '$2,000 For Sex'—Pleads Unlucky-in-Love Guy On OKCupid
- IKEA Black Friday 2014 Ad Includes Discounts On Home Furnishings, Appliances, Kitchen Designs, Beds, Sofas, Mattresses And Toys
- ISIS Drug Transit From Afghanistan To Europe Confirmed By Russia: Money Goes Into Terror Funding And In New Recruitments