Microsoft Gears Up To Patch Major Internet Explore Pwn2Own Flaw

Microsoft Gears Up To Patch Major Internet Explore Pwn2Own Flaw

Early this morning Microsoft announced a new batch of updates (for Windows and Internet Explorer, among other products) that are set for release next week. These are part of the company’s monthly Patch Tuesday cycle.

As is usually the case, the software titan has not provided details or specifics other than listing some of the updates as critical.

PropellerAds

But security analysts expect Microsoft to publish fixes for the major security flaws that were unearthed during the recently held Pwn2Own contest at the CanSecWest Conference.

The directory of security operations at security firm nCirlce, Andrew Storms, talking to ThreatPost said that Microsoft will most likely use this opportunity to block these zero-day exploits and make its browser even more secure:

“Even with their new, more aggressive IE patch cadence they’re still behind other browsers that don’t stick to a monthly patch schedule. This probably isn’t a huge problem for enterprise security teams because the bug hasn’t been publicly released.

The number of bulletins isn’t the only factor IT security teams consider when they review a patch so, even though the overall patch count is a little higher than average this month and only two of the bulletins merit a critical rating, it’s too early to assume it’s going to be an easy month.”

As noted above, the flaw is not too much of a threat for businesses and enterprises, considering the fact that it has remained discreet.

Along with these Internet Explorer flaws, Microsoft is also set to fix a critical vulnerability found in earlier version of Windows like XP, Vista and 7. Both Windows 8 and RT are in the green in this particular case.