Skip navigation

Microsoft Delivers IE Update, Patches Zero Day Flaw

From Microsoft:

Microsoft issued out-of-band security update MS10-018 to address the vulnerability described in Microsoft Security Advisory 981374, affecting Internet Explorer 6 and Internet Explorer 7.  Internet Explorer 8 is unaffected by the vulnerability in Security Advisory 981374, and is not vulnerable to any of the current attacks. We have been monitoring this issue and have determined that an out-of-band release is needed to protect customers. Microsoft recommends that customers test and deploy this security update as soon as possible.

Because Security Bulletin MS10-018 is a cumulative update, it will also address nine other privately reported vulnerabilities in Internet Explorer that were planned for release on April 13. The update is rated "Critical" and applies to all currently supported versions of Internet Explorer including Internet Explorer 8, because three of the additional vulnerabilities impact Internet Explorer 8 on Windows 7.

The most severe vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. However, customers whose accounts are configured with fewer user rights, such as not running in administrative mode on the system, may be less impacted than those who operate with administrative user rights.

Fire up Windows Update if you'd like to install this immediately. I had to click "Check for updates" to get it to appear.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.