Microsoft Patch Tuesday: IE Security Fix Not Ready

Microsoft's January 8, 2013 Patch Tuesday includes a total of seven patches, two of which Microsoft is labeling 'critical,' the firm's highest security rating. Notably absent from the lineup of fixes will be a patch for a recently-outed Internet Explorer security flaw.

This Patch Tuesday's critical fixes address security vulnerabilities that, like so many other previously patched vulnerabilities, could potentially allow a hacker to remotely execute malicious files and take control of an unpatched computer.

As usual, hackers could do this by convincing a computer user to visit a malicious website or a click a link in an email.

Patches for Two 'Critical' Vulnerabilities Coming This Tuesday

If your computer is set to automatically receive security updates from Microsoft, these patches will be downloaded and installed this coming Tuesday, or afterwards, as soon as you reboot or shut down your system. (Source: thenextweb.com)

Observers caution Windows users, however, that there is still no patch available to remedy a zero-day security flaw that affects versions 6, 7, and 8 of Microsoft's Internet Explorer (IE) web browser.

Last weekend, reports emerged about this flaw, which does not seem to affect versions 9 and 10 of Internet Explorer.

Temporary Workaround for IE Flaw Available

So far Microsoft has issued a temporary workaround for the problem. The software giant says the workaround will prevent the flaw from being exploited and does not require users to adjust their Internet Explorer browser settings.

The fix does not require users to reboot their systems, either.

However, Microsoft says this workaround is only temporary and is not designed to permanently remove the IE vulnerability. More information about the workaround can be accessed by clicking here.

Note that this temporary workaround will not be automatically downloaded and applied to your system by Microsoft. You must take care of this matter on your own.

In the meantime, the Redmond, Washington-based firm is scrambling to produce a more permanent and self-installing solution for the problem in older versions of IE.

"We are actively working on a security update for the issue described by Security Advisory 2794220," noted Dustin Childs, group manager of Microsoft Trustworthy Computing. (Source: cnet.com)