We’re only 16 days into 2013, and yet, we’ve already seen the release of two emergency patches. One, of course, was Oracle’s patch for Java. But on Monday, Microsoft announced that it, too, was releasing an emergency patch, just days after its monthly Patch Tuesday. As Rapid7’s senior manager of security engineering, Ross Barrett, told […]
We’re only 16 days into 2013, and yet, we’ve already seen the release of two emergency patches. One, of course, was Oracle’s patch for Java. But on Monday, Microsoft announced that it, too, was releasing an emergency patch, just days after its monthly Patch Tuesday. As Rapid7’s senior manager of security engineering, Ross Barrett, told me in an email:
Microsoft has indicated that theey will patch Internet Explorer to address a vulnerability affecting versions 6, 7, & 8 (CVE 2012-4792). If Microsoft’s security team is correct, this vulnerability is still seeing only limited exploitation in the wild, but there is no reason to hold off only releasing a fix now that the patch is ready. It always seems to be a race between security teams and malware writers, in this case given the attention this vulnerability has received it likely will not be long before exploitation becomes widespread. Getting a fix out under these circumstances is like immunizing ahead of an outbreak that has already started.
It’s unusual, but not unheard of, for Microsoft to release an out-of-band patch, but the release shows that Microsoft is on top of the need to correct vulnerabilities in a timely manner – as opposed to waiting until the next scheduled release, waiting until the pressure is on, or doing it stealthily. In fact, ComputerWorld pointed out that Microsoft “kept calm” in its latest release (the article also said we should expect the next Patch Tuesday to fix a broader number of vulnerabilities for IE).
I think we should also take notice of the versions of IE that had to be patched: 6, 7 and 8. We know that IE6 has been a problem for quite some time now, and if your company hasn’t updated from that version yet, you aren’t doing yourself any favors. Newer versions of IE – of any browser for that matter – tend to be more secure (this isn’t a problem for IE9 or IE10, for instance). If you have downloaded the patch, you may want to look into updating your browser.
Sue Poremba is freelance writer based on Central PA. She's been writing about cybersecurity and technology trends since 2008.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
