Patch Tuesday round of Microsoft for February 2012 released yesterday on February 12, 2013. This patch will fix a couple of critical flaws in Internet Explorer. The patch includes special bug fixes of Internet Explorer which put every user at a risk of being attacked. As part of the monthly security bulletin release cycle Microsoft usually releases the Patch Update on second Tuesday of every month. The company never reveals any details about the bugs to be fixed in the patch beforehand. Company fixes the highly critical flaws in emergency under ‘out of cycle’ updates.
Talking about the security patch, director of security operations, Andrew Storms said,”Generally, when Microsoft patches IE, the patch is delivered as a single bulletin. The planned delivery of two separate IE bulletins has my Spidey senses on alert. I’m sure other IT security teams are wondering exactly what kind of IE valentine we’re going to get.”
According to the security threat report 2013 released by McAfee, Malware writers are targeting the Windows browsers exceedingly, especially all supported version of IE, right from IE 6 to IE 10 running on Windows 8. The hackers embed the hidden code in the corrupt websites which further infect the computer system through drive-by downloads.
Other critical bug fixes included in February patch round of Microsoft include one for Vista, two for Windows XP and one of enterprise software ‘Microsoft Exchange Server’ running emails in companies.
Microsoft currently is patching seven other important flaws reportedly, four of which include privilege escalation where user get the administrative power to make changes to the system.
Senior manager at Boston’s CORE Security, Alex Horan says, “Hackers could Phish users and then leverage 7, 8 and 9 to get system-level control of their machines. That is essentially a worst-case scenario and a potential knockout punch for security personnel.”
These patches released by the company are pushed in the Automatic Windows Update. Small business users and home users can get the update by turning automatic updates ‘ON’, whereas big companies usually choose to update their system manually to implement these patches.