Microsoft finally released a long-overdue cumulative security patch for various Internet Explorer (IE) versions Monday evening. The Cumulative Patch for Internet Explorer affects IE 5.01, 5.5, and 6.0, and Microsoft recommends that all users of these IE versions download and install the patch. Windows XP users will be automatically updated via Auto Update, while Windows 2000, Me, and 98 users can install the patch from Windows Update. Other Windows users can download the patch manually from the Microsoft Web site.
"While this patch will address security issues for Internet Explorer to date, the entire Windows division is in the process of conducting a code review focusing completely on security," a Microsoft representative told me Monday night. "Security is priority one for Microsoft and moving forward, security will be a top priority in the development process because that is what Microsoft's customers want."
The cumulative patch is considered critical: It includes fixes for all six of the major known IE vulnerabilities to date, and it will be included in the forthcoming IE 6.0 Service Pack 1 (SP1) and Windows 2000 SP3 releases. For more information and the free download, please visit the Microsoft Web site.