Zero-day Internet Explorer flaw to be finally patched by Microsoft on Patch Tuesday

Internet Explorer security holeMicrosoft is soon expected to finally patch a zero-day vulnerability that has been actively exploited by hackers in targeted attacks.

The CVE-2013-3893 vulnerability is now pretty much available for anyone to be used against anyone.

The flaw, which was originally directed in targeted attacks against installations of Internet Explorer 8 and 9 in Japan and Taiwan - but which could potentially affect all versions of the web browser - was the subject of a temporary "Fix-It" tool last month, but the world has been waiting for a permanent, proper patch to be rolled out.

So it's good to see that the critical vulnerability is likely to be included amongst those patched in Microsoft's October Patch Tuesday bundle, due on 8th October.

In all, Microsoft is expected to release four "critical" security bulletins, and four rated as "important". Affected products include Internet Explorer, Microsoft .NET Framework, Windows and Microsoft Office.

As Paul Ducklin at Naked Security notes, even Mac users don't escape the need for patches - with a fix being rolled out for a remote code execution vulnerability for Office for Mac 2011.

So, be sure to keep your eyes open for when the patches become available - and roll them out across your computers as soon as possible. If you don't, you run the risk of malicious hackers turning their attention to your network next.

Further preliminary details of this month's Patch Tuesday fixes are included in an advisory from Microsoft.

Tags: , , , , ,

Subscribe to the free GCHQ newsletter

, , , , ,

Special offers & deals

  • Password Boss Premium Version: Lifetime subscription

    Password Boss Premium Version: Lifetime subscription

    All you need to do is remember one master password, and Password Boss will do the rest - remembering all of your different online passwords securely. Security and peace of mind. 86% off normal price!
  • Fancy becoming an ethical hacker?

    Fancy becoming an ethical hacker?

    Save 98% off the regular price and take advantage of IT Security & Ethical Hacking Certification Training for just $29. This course lays out a successful career path for you in the world of computer security.

More deals...

Leave a reply

1 Comment on "Zero-day Internet Explorer flaw to be finally patched by Microsoft on Patch Tuesday"

Notify of

Sort by:   newest | oldest | most voted
October 8, 2013 12:59 pm

Hmmm… I think that this month, I shall wait a few days in case there are any more glitches with the patches. My laptop has still got a hangover from last month's wonky set of updates.