Microsoft Releases Out of Band Internet Explorer Security Update

Yesterday Microsoft released an unscheduled security update for Internet Explorer to resolve 1 critical CVE. At this time, no Known Issues are listed for this update within the revised Security Bulletin Summary page. I have installed this update on multiple Windows 8.1 64 bit and Windows 7 64 bit systems with no issues. If Internet Explorer is not open/running, a restart should not be needed (after closing IE on my systems, no restart was needed to complete the installation of the update).

If you need more time to test and install the patch you can use Microsoft EMET to mitigate the exploitation of the memory corruption vulnerability that this security update resolves before later installing the update (no other workarounds are available).

Microsoft Edge included with Windows 10 is not affected by this security issue but the update will be offered to Windows 10 users since Internet Explorer is still part of Windows 10 (for compatibility reasons).

Users of Windows Server 2012 R2 and Windows 8.1 may notice a second update (KB3089023) is being offered by Windows Update. This update is not a security update but an update of Adobe Flash Player to correct a possible error message that you may encounter under certain circumstances.

Please install the security update as soon as possible since it is addresses a zero day vulnerability (defined) and as mentioned in the security bulletin exploitation of this vulnerability is taking place.

Thank you.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.