Microsoft have at last, issued a permanent patch for a known exploit that was perhaps used by cybercriminals and hackers over the last few months. In its standard security update for this month of October, Microsoft has patched a critical Internet Explorer vulnerability that possibly exposed users to malware and hacks for, believe it or not, the last three months!
The permanent patch is for an exploit known as CVE-2013-3893, which had the capability to work its way into all supported versions of Microsoft’s web browser, Internet Explorer. Microsoft announced the existence of the vulnerability back in September and released a downloadable remedy, a Fix It tool, until the permanent patch was ready. “The most severe vulnerabilities could allow remote code execution if a customer views a specially crafted webpage using Internet Explorer,” Microsoft’s Dustin Childs wrote in a blog post on Tuesday. “An attacker who successfully exploited these vulnerabilities could gain the same rights as the current user running Internet Explorer.”
The new update with the permanent patch, dubbed MS13-080, corrects 10 issues within Internet Explorer. In addition to patching the Internet Explorer vulnerability, Microsoft has also issued three other critical bulletins and four important ones. All of the bulletins totalled together, target 26 different vulnerabilities in Internet Explorer, Office, .NET Framework, SharePoint, Silverlight, Windows and more.
The problems we consistently see in Microsoft’s framework are a constant and worrying sign that their operating system and software, leaves a great deal to be desired. I know each and every OS on the market has flaws, but it does seem to me that Windows has more than most, which persistently need to be addressed, coded, patched and released to the general public. Personally, I’m sticking with Mountain Lion.
[Image via: nothoughtcontrol]