Microsoft provides the Microsoft Security Bulletin Advance Notification Service to help the customers plan for effective use of security updates. In its pre-Patch Tuesday notification advisory, Microsoft states that the company is planning to release a fix for the entire bugs in all versions of Internet Explorer with the coming patch Tuesday May 2013. This patch will fix the bugs in Internet Explorer 6-10.
It will reportedly fix the few vulnerability issues spotted being used in an attack campaign against users of IE8. Users of Internet Explorer 6, Internet Explorer 7, Internet Explorer 9, and Internet Explorer 10 are not affected of this vulnerability.
Security and forensic analyst at Lumension says, “We always recommend upgrading to the latest version of any software, as that’s typically the most secure. If your system is compatible with IE 10 and you’re not running it already, upgrade now”.
The coming patch Tuesday will reportedly release tomorrow on May 14, 2013, with a fix for one of 34 issues lined up. The patch will release 10 security bulletins including two ‘Critical’ and eight ‘Important.
The two critical bulletins address various vulnerability issues in Internet Explorer and the remaining eight bulletins will cover vulnerabilities in Microsoft Windows Essentials, Microsoft Office, Microsoft Lync, and Windows.
Talking about the coming patch Tuesday, senior product manager at CORE security Alex Horan said, “May is going to a busy month for administrators, with 10 patches and a number of restarts required”.
