Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT tid,hits,start_time FROM biztimes_stats.stats_articles_au WHERE tid='542619' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT cmt_count FROM ib_articles_counts WHERE id='542619' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT * FROM ib_sources WHERE id='3001' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT * FROM ib_articles_options WHERE article_id='542619' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT article_id FROM ib_topics_index WHERE tid='235' ORDER BY id DESC LIMIT 10Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT * FROM ib_rates WHERE article_id='542619' LIMIT 1 Critical Windows And IE Vulnerabilities: Microsoft to Dispatch Updates; Fix For 'Zero-Day Vulnerability' on the Way - International Business Times

Critical Windows And IE Vulnerabilities: Microsoft to Dispatch Updates; Fix For 'Zero-Day Vulnerability' on the Way

  • Rate this Story
  • 0
  • 0

By Pavithra Rathinavel | March 11, 2014 12:23 AM EST

Windows XP is set to get its penultimate patch on Tuesday. According to the Microsoft Security Bulletin Advance Notification (March 2014), there will be a total of five updates released this week, two of them addressing "critical" vulnerabilities.

Microsoft
Internet Explorer

Microsoft said the "zero-day" vulnerability in Internet Explorer will be fixed in this set of updates.

What is Zero-Day Vulnerability?

PCtools said this vulnerability refers to a flaw in the software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it. This exploit is called zero day attack. Uses of zero day attacks include infiltrating malware, spyware or allowing unwanted access to user data. The term "zero day" refers to the unknown nature of the flaw to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer who must protect the users. The received vulnerability had a temporary patch from Microsoft in February, after the researchers from FireEye revealed the vulnerability was being served up in a compromise of the U.S. veteran's Web site, as reported by SCMagazine.

What Are the Updates?

According to The Inquirer, Wolfgang Kandek (CTO of security firm Qualys) said, "Priority one should be the two 'critical' patches. Bulletin one for all versions of 'Internet Explorer', starting with v6 all the way to v11 and bulletin two for 'Windows', affecting all Windows OS versions from Windows XP to Windows Server 2012, with the exception being Windows RT."

Bulletins three and four will address important but not critical vulnerabilities in Windows, and bulletin five will be for users of Silverlight on Mac and Windows.

The critical bulletin in the March Patch (Tuesday) updates the January bulletin.

To contact the editor, e-mail:

(Photo: Microsoft / )
Internet Explorer
Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT id FROM ib_slideshows WHERE timestamp>1413952199 AND hits>0 AND outkey='Y' ORDER BY hits DESC LIMIT 10Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT id FROM ib_slideshows WHERE timestamp<1413952199 AND timestamp>1413692999 AND hits>0 AND outkey='Y' ORDER BY hits DESC LIMIT 10
  • Rate this Story
  • 0
  • 0

Join the Conversation

IBTimes TV
E-Newsletters

We value your privacy. Your email address will not be shared.