April 2013 Internet Explorer Updates

  • 發行項

Microsoft Security Bulletin MS13-028 - CriticalThis security update resolves two privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 on Windows servers. For more information, see the full bulletin.

Recommendation. Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.

Microsoft Security Advisory (2755801)

Today we also released an update that addresses vulnerabilities in Adobe Flash Player in Internet Explorer 10 on Windows 8. The details of the vulnerabilities are documented in Adobe security bulletin APSB13-11. The majority of customers have automatic updates enabled and will not need to take any action because the update will be downloaded and installed automatically. For those manually updating, we encourage you to read the advisory and apply this update as quickly as possible.

This update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash binaries contained within Internet Explorer 10. For more information, see the advisory.

— Ceri Gallacher, Program Manager, Internet Explorer

Comments

  • Anonymous
    April 09, 2013
    I see IE10 on windows updates listed as an important update but it isn't getting installed automatically. Is this a bug?

  • Anonymous
    April 09, 2013
    Will these fix the memory leak issue?

  • Anonymous
    April 09, 2013
    @Ceri Gallacher, How about some features updates for IE10? The "Install newer version automatically" is yet another eyewash? Nothing is updated in background ever since...

  • Anonymous
    April 09, 2013
    dhruvika

  • Anonymous
    April 09, 2013
    @Pablo, IE 10 seems to move from "optional unselected" to "important selected" in stages. Probably the next time you run Windows Update it will appear as selected. That's what happened to me.

  • Anonymous
    April 09, 2013
    is this updates

  • Anonymous
    April 09, 2013
    @Kevin IE 10 has been "important unselected" on my computer for weeks now.

  • Anonymous
    April 09, 2013
    Still there is no fix for TPLs not automatically updating. Do Not Track is useless.

  • Anonymous
    April 09, 2013
    No fix for Pwn2Own zero day issues?

  • Anonymous
    April 09, 2013
    No issue to report. IE status: healthy.

  • Anonymous
    April 10, 2013
    To people whining about lack of updates. Cumulative Security Updates for Internet Explorer are not only about security. They quite often include other non-security fixes. Look at support.microsoft.com/.../2817183 under 'Non-security-related fixes that are included in this security update'.

  • Anonymous
    April 10, 2013
    I apologize.Updating of TPLs is fixed. I should wait few more days before posting that TPLs are not updating. Thanks.

  • Anonymous
    April 10, 2013
    I apologize.Updating of TPLs is fixed. I should wait few more days before posting that TPLs are not updating. Thanks.

  • Anonymous
    April 10, 2013
    IE team, I'm wondering, we are now 2 years after the IE9 launch, at version 9.0.15. Does the point release keep counting up until the EOL status for IE9 arrives (in 2020, with Windows 7)? Or are you guys planning to launch something like IE9.1?

  • Anonymous
    April 10, 2013
    Yannik, if you think IE team would give you some kind of ETA then you are mistaken. Its not their style.

  • Anonymous
    April 11, 2013
    I just installed IE10 on two of my computers with Windows 7 x64 Pro on them and now they run so slow! How do I get back to IE9?

  • Anonymous
    April 11, 2013
    So when are we going to start hearing news about IE11?  The fact it is included in the windows 8.1 leaks has me wondering if it will be released this winter along with 8.1?

  • Anonymous
    April 11, 2013
    no

  • Anonymous
    April 11, 2013
    @elop - I know, but you can always try... :p @Lowry - Windows 8.1 is, according to rumors, planned for the end of the summer. And for the ones that now think "Probably not than, it's to short after 10": no, that's not to short after 10. IE10 is RTM'ed back in August, so, they are already working on IE11 for over 8 months.

  • Anonymous
    April 12, 2013
    This update is as large as Internet Explorer installation package itself. Why not release an updated installer?

  • Anonymous
    April 13, 2013
    Does this update fix the TextArea focus bug in IE or the broken keyboard activation in text fields in Internet Explorer on the desktop of windows 8 tablets?! I know so many IT shops that refuse to roll out Windows 8 until some of this real basic behavior is fixed.  We want our users to upgrade but Microsoft is making this very hard.

  • Anonymous
    April 14, 2013
    "I know so many IT shops that refuse to roll out Windows 8 until some of this real basic behavior is fixed.  We want our users to upgrade but Microsoft is making this very hard." I highly doubt any company is holding back on Windows 8 because of a minor IE10 bug.

  • Anonymous
    April 15, 2013
    The comment has been removed

  • Anonymous
    April 15, 2013
    The comment has been removed

  • Anonymous
    April 15, 2013
    Netflix starting to ditch Silverlight in favor of HTML5: www.androidcentral.com/netflix-now-available-arm-chromebooks-html5-player-0 The day Silverlight dies just can't come soon enough!

  • Anonymous
    April 15, 2013
    @Howard, that's not a bug; that's the way Windows 8 works. To trigger the on-screen keyboard in the desktop, click the keyboard icon in the notification area. As it's 'working as designed' probably not worth continually asking for a change in behavior.

  • Anonymous
    April 16, 2013
    The comment has been removed

  • Anonymous
    April 17, 2013
    @Frustrated: Your rant is two years late.

  • Anonymous
    April 17, 2013
    Are you one of those guys who thinks that you still have to develop for IE6/7?

  • Anonymous
    April 18, 2013
    The comment has been removed

  • Anonymous
    April 18, 2013
    Does the IE Team know about the IE10 on Win7 woes that have cropped up as of April 1st or so for people who still try to develop VB6 programs on Win7?  And who knows how many other development environments are impacted? From the reports (tons of them, Google for "IE10 breaks Common Controls" or similar) it may be related to the install not registering the OCXs properly or it may be related to an expired certificate (some people say setting the system date back prior to April 1, 2013 fixes it).  It can't just be the 2.1 interface version since no Vista user is impacted even if they have both the 2.0 and 2.1 interfaces registered (IE10 is not offered for Vista - a blessing?). Some suggest changing permissions on registry keys fixes it, some suggest copying earlier versions of the OCXs and re-registering, but most choose to uninstall IE10 and block/hide it in Windows Update. Almost as bad as the earlier Win7 SP1 ADO binary compatibility fiasco.

  • Anonymous
    April 19, 2013
    In case it's not blatantly obvious, comments here are not being read anymore.

  • Anonymous
    April 20, 2013
    @EricLaw, only here? On connect, windows-blogs or anywhere you go, the comments addressed to Internet Explorer team are ignored.  Only you can tell why is that! Why Internet Explorer team cannot be cooperative like Visual C or Visual Studio teams? Taking surveys and caring about consumers and give them what they want for ONCE!! IE team is the most criticized team in the entire Microsoft. They don't play ball, do they? If you hate me saying it loud, then get mad at me and out of rage and anger redevelop F12 developer tools which stay best for next 5 years in the market! but we know it aint gonna happen...

  • Anonymous
    April 20, 2013
    The comment has been removed

  • Anonymous
    April 21, 2013
    I have an issue with IE 10 on windows 7 not only is it slow but when you click certain links or that sort of similar thing nothing happens. Certain things that work on other browsers such as certain links don't work on IE 10 for windows 7. (haven't tested on windows 8)

  • Anonymous
    April 21, 2013
    still working on it

  • Anonymous
    April 21, 2013
    not yet

  • Anonymous
    April 22, 2013
    some computers youse IE 8 and it don have InPrivet browsing can any one help?

  • Anonymous
    April 22, 2013
    If you want InPrivate browsing then you are going to have to stop using IE8