Microsoft has released some security updates addressing Internet Explorer’s vulnerabilities, as well as promoting a new website to foster better browser security. The new update addresses eight vulnerabilities that deal with remote code execution.
Microsoft, with the October 2011 cumulative security update, has released some security updates for Internet explorer 9.0 adressing some privately reported vulnerabilties.
In the IEBlog, Tyson Storey, the program manager of the internet explorer team, wrote that “The security update resolves eight privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. This security update is rated Critical for Internet Explorer on Windows clients and Moderate for Internet Explorer on Windows servers.”
He also recommended that all end users and administrators, who do not have automatic updating through the Microsfot update service, to manually download and install the IE9 security (2586448) update immediately. For more information about the security bulletin, you can visit the Microsoft website.
Better browser security
In some other related browser news, Microsoft has introduced a new website,yourbrowsermatters.org, highlighting the danger of using outdated web browsers.
Roger Capriottie, in the Windows Blog team Internet Explorer talked about some of the common vulnerabilities such as zero day attacks and socially-engineered malware. He also talked about the goals of the new website, which he described as “a resource for anyone who wants to improve their online security and increase their protection from socially engineered malware threats like phishing attacks.” He then wrote that people can use the website will “offer an easy way for people to assess their current browser’s security features.”.
Roger also mentioned that the new website “also makes it easy for people to upgrade to the latest version of any of the most popular browsers, including Internet Explorer, Firefox, or Chrome.” You can visit the windodws blog team to find more information.
And, if you really want to assess how secure is the browser that you are using, you visit yourbrowsermatters.org and get your score. Interestingly, IE9 was able to get a perfect score.