Zero-day IE flaw not in Microsoft Patch Tuesday

Vulnerability in Internet Explorer will not be patched in Microsoft's next Patch Tuesday.

Patch

Microsoft has not included Internet Explorer in its Patch Tuesday list, leaving a zero-day vulnerability without a fix.

The flaw could allow hackers to obtain information, or take any action that the user could take on an affected website.

The Redmond giant could be placing the browser at even greater risk, as the controversial hacking contest Pwn2Own is due to start next week.

Advertisement - Article continues below

Both Google and Mozilla have patched their browsers in time for the event, but Microsoft has opted not to.

Websense recently reported flaws in Internet Explorer were targeted as part of a hack on ad firm Unanimis that could have placed tens of thousands of people in danger.

Next week's Patch Tuesday will be a relatively light one, with just three bulletins, one of which is rated as critical while the other two are rated important.

"The critical update affects Windows XP, Vista and Windows 7 while Windows Sever 2003 and Server 2008 are not affected," said Amol Sarwate, manager at the Qualys vulnerability research lab.

"One of the important updates affects all Windows operating systems and we expect it to be for the MHTML Information Disclosure issue, which was left un-patched in last month's patch cycle."

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/mobile/mobile-phones/355088/apple-lifts-iphone-purchase-restrictions
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020
Visit/software/operating-systems/355080/internal-docs-show-apple-is-aware-of-ios-13-hotspot-disconnect
operating systems

Report: Apple is aware of iOS 13 hotspot disconnect issue

23 Mar 2020
Visit/operating-systems/26138/how-to-speed-up-windows-10
operating systems

How to speed up Windows 10

4 Mar 2020
Visit/security/cyber-security/355041/critical-nhs-cyber-security-checks-suspended-due-to-coronavirus
cyber security

Critical NHS cyber security checks suspended due to coronavirus response

19 Mar 2020