Microsoft Issues Out-of-Band Update for Critical, Actively Exploited IE Vulnerability
Article by George Norman
On 30 Mar 2010
Earlier this month Microsoft announced it uncovered a critical security vulnerability that affects its Internet Explorer web browser – mind you, only IE6 and IE7, not IE8. At the time Microsoft released a security advisory in which it explained that the vulnerability “exists due to an invalid pointer reference being used within Internet Explorer.” The vulnerability, if successfully exploited by a person with malicious intent, could allow for remote code execution.

The bad news got worse when Microsoft announced that people with malicious intent were indeed actively exploiting it to infect Windows-powered computers with a Trojan. Since actively exploited vulnerabilities are a big concern, Microsoft said it is considering releasing an out-of-band update for the issue. To help Internet explorer users stay safe and protected, the company updated the security advisory it initially rolled out – it added a Microsoft Fix It to automate a workaround for XP and Windows Server 2003 users.


Turns out that an out-of-band update will be released to address this critical vulnerability – and it will be released today, the 30th of March. The critical vulnerability will be addressed by security update MS10-018, a cumulative security update that addresses 9 other vulnerabilities (this time IE8 is included in the list of affected applications).

“We recommend that customers install the update as soon as it is available. Once applied, customers are protected against the known attacks related to Security Advisory 981374. We have been monitoring this issue and have determined an out-of-band release is needed to protect customers. For customers using automatic updates, this update will automatically be applied once it is released. Additionally, because Security Bulletin MS10-18 is a cumulative update, it will also address nine other vulnerabilities in Internet Explorer that were planned for release on April 13,” explained Senior Security Communications Manager Lead with the MSRC (Microsoft Security Response Center), Jerry Bryant.

Tags: Microsoft, Internet Explorer, IE, Security, Vulnerability, Security Advisory 981374
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 19 Jun 2017
Don’t worry. I’m not going to rehash all those facts that everyone already knows about Bill Gates, like how he got arrested for driving without a license, that he is a college dropout, and that he plans to give most of his fortune to charity.
By George Norman on 31 Jul 2017
Microsoft has a new keyboard to offer: the new, premium quality Microsoft Modern Keyboard with Fingerprint ID. If you’re not familiar with it, then keep on reading and you’ll uncover pretty much everything there is to know about this keyboard.
By George Norman on 07 Jun 2017
Yes, I know that the global PC market is in a downwards spiral for its nth quarter and that mobile usage is on the rise. Still, I argue that a desktop PC is better than all the other alternatives.
By George Norman on 18 Jul 2017
Sure, text remains the main method of communicating with others when using a messenger application like Skype, but if you really want to get the message across, using an emoticon, emoji or sticker can’t hurt.
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Microsoft Issues Out-of-Band Update for Critical, Actively Exploited IE Vulnerability
HTML Linking Code