Out-of-Band Critical Internet Explorer Security Update

[Corrine]

On Monday, January 14, 2013, Microsoft is planning to release an out-of-band critical security update for the issue described in Security Advisory 2794220.

The update is to address an issue that affects Internet Explorer versions 6, 7 and 8. Internet Explorer versions 9 and 10 are not affected.

Although Microsoft has seen only a limited number of customers affected by the issue, the potential exists that more could be affected. Thus, it is advised that the update be installed as soon as possible.

Even with the update, if your operating system is Windows Vista or Windows 7, update to Internet Explorer 9. For Windows XP, your system will be more secure if you update to Internet Explorer 8.

If you applied the Fix it released in Security Advisory 2794220, it will not need to be uninstalled before applying the security update.
[h=3]References[/h]

• MSRC Blog: Advance Notification for Update to Address Security Advisory 2794220
• Tech Net Advisory: Microsoft Security Advisory (2794220) Vulnerability in Internet Explorer Could Allow Remote Code Execution

 

[Corrine]

Out-of-band Critical Security Update MS13-008 has been released for IE6, IE7 and IE8.

Contrary to the information provided in the MSRC Blog post announcement yesterday, although it is not necessary to remove the Fix it solution prior to installing the update, it is now recommended that it be removed after installing the update.

A direct link to the Fix it to disable the update is available in my blog post at MS13-008 Released for Security Advisory 2794220.