IE 9.0.10 Available via Windows Update

Today we released
Security Update MS12-063 to address limited attacks against a small number
of computers through a vulnerability in Internet Explorer versions 9 and earlier.
We also released
an update that addresses vulnerabilities in Adobe Flash Player in Internet
Explorer 10 on Windows 8. The majority of customers have automatic updates enabled
and will not need to take any action because protections will be downloaded and
installed automatically. For those manually updating, we encourage you to apply
this update as quickly as possible.

Microsoft Security Bulletin MS12-063

This security update resolves one publicly disclosed and four privately reported
vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow
remote code execution if a user views a specially crafted Web page using Internet
Explorer. An attacker who successfully exploited any of these vulnerabilities could
gain the same user rights as the current user. Users whose accounts are configured
to have fewer user rights on the system could be less impacted than users who operate
with administrative user rights. This security update is rated Critical for Internet
Explorer 6, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9 on
Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, Internet
Explorer 8, and Internet Explorer 9 on Windows servers. Internet Explorer 10 is
not affected. For more information about the vulnerabilities, see the
full bulletin. This security update also addresses the vulnerability first
described in
Microsoft Security Advisory 2757760.

Recommendation. Most customers have automatic updating enabled and will not need
to take any action because this security update will be downloaded and installed
automatically. Customers who have not enabled automatic updating need to check for
updates and install this update manually. For information about specific configuration
options in automatic updating, see
Microsoft Knowledge Base Article 294871. For administrators and enterprise
installations, or end users who want to install this security update manually, Microsoft
recommends that customers apply the update immediately using update management software,
or by checking for updates using the
Microsoft Update service.

Microsoft Security Advisory (2755801)

Microsoft is announcing the availability of an update for Adobe Flash Player in
Internet Explorer 10 on all supported editions of Windows 8 and Windows Server 2012.
The update addresses the vulnerabilities in Adobe Flash Player by updating the affected
Adobe Flash libraries contained within Internet Explorer 10. For more information,
see the advisory.

—Tyson Storey, Program Manager, Internet Explorer

Comments

• Anonymous
  September 21, 2012
  There was no fault. I will consider it as a report. The version was also reflected exactly. Thank you for the quick action. It is Windows 7.

• Anonymous
  September 21, 2012
  I have issues with your ie updates. i'm running windows 8, but it happened in windows 7, too. after I install ie updates, you reset all of my bing search settings to defaults. I have to go in and change my safesearch settings and turn suggestions back off. Then, after I click ok, I'm returned to the bing homepage and then have to click the preferences button again to go in and change the web preferences to open links in a new browser window and limit my search to english. I set these on purpose and don't expect them to be changed every time you do an update. so,

1. don't reset my ning search settings.
2. on the preferences page, don't return to the bing homepage after clicking on save. stay in preferences.

• Anonymous
  September 21, 2012
  @Gkeramidas, this is something we call IE amnesia --> connect.microsoft.com/.../ie-amnesia-forgets-all-user-preferences. This also happens when the system crashes, or there is power loss and system shut down unexpectedly, IE crashes unexpectedly (not always in this case).. The user-preference retention is somehow highly dependant on the "Saving Settings" when you shutdown windows! NEVER HAPPENED WITH FIREFOX or any non-IE browser.. Like it said, its termed as IE amnesia. Use case : "To ensure the user that their cookies are saved when they save them." Apparently IE team at Microsoft don't think its the issue worth spending time on (if you read the comments under the aforementioned bug report)

• Anonymous
  September 21, 2012
  The comment has been removed

• Anonymous
  September 21, 2012
  The comment has been removed

• Anonymous
  September 21, 2012
  The comment has been removed

• Anonymous
  September 21, 2012
  Microsoft shoul clarify whether or not IE on Windows Phone 7 devices are affected.

• Anonymous
  September 21, 2012
  Very nice

• Anonymous
  September 22, 2012
  @Mitsuha - they could but why waste the effort to inform the 13 users that have a Windows phone?! Just let the users upgrade to a better phone... Heck the users can't even update to windows 8 so why bother fixing a dead phone?!

• Anonymous
  September 22, 2012
  The comment has been removed

• Anonymous
  September 22, 2012
  @'@Lee' - That's so true! By the way, aren't there more than 15 million Winodws Phone users?

• Anonymous
  September 22, 2012
  @Lee & @Yannick - Yeah! A happy former owner of HTC Titan, a very happy owner of a Lumia 900 and an extremely excited owner-to-be of a Lumia 920 here! :D @Mitsuha - WP 7.5 devices use the same layout engine as IE9, but otherwise different software. No, they're not affected.

• Anonymous
  September 23, 2012
  @George - I tried to use metasploit against IE on WP7, and it became very unstable. For example, after opening exploit page, it crashed when I tapped 'favorite'. Heap seems to be in inconsistency state, or corrupted. So I think it is also vulnerable.

• Anonymous
  September 23, 2012
  Please,release Internet Explorer 10 for Windows 7!

• Anonymous
  September 23, 2012
  Please,release Internet Explorer 10 for Windows 7! <step> 1.Beta Version(Octorber) 2.Release candidate(November) 3.Final Version(December)

• Anonymous
  September 23, 2012
  in the windows xp start up exist one big bug ! when i install visual studio 2010 or some softwares , windows start up become very slow ?! i can open my computer but don't allow to run antivirus and firewall or i can't open visual studio for 3 or 6 minutes ! all this softwars await to run windows security alert . www.8pic.ir/.../ke44mm8vf8hvgdfc9cv.png also this problem don't allow to user to open and connect to internet and web browser. thanks.

• Anonymous
  September 23, 2012
  The comment has been removed

• Anonymous
  September 28, 2012
  I have been blocked out of my hotmail account and do not even could re-intall IE9. The message indicate that IE9 could not open a "log" file. The account was hacked and was sending emials to all my contacts. How do I could install a new IE9 and fix the account issue? any suggestions?.   Using Win 7 Home Premium

• Anonymous
  September 30, 2012
  I noticed it.  I am having problem with Window Updating.  Can't figure it out.  I noticed yellow Question on bottom telling me to updating and I have done it.  It seem Window Update failed.  Wonder why.

• Anonymous
  October 01, 2012
  IE had information that new brittleness was found in all the versions. It is said that the before corresponding thing is on a separate charge. Please let me enough for a patch this month. Even so, it is found well. Is IE10 OK?

• Anonymous
  October 01, 2012
  It changed between comments. The administrator needs to delete. Thank you for your consideration.

• Anonymous
  October 01, 2012
  its not the bug. You have turn off antivirus. Turn it on and plug the internet cable and try again.

• Anonymous
  October 03, 2012
  IT'S NOT TRUE.first install vs2010 then exam this problem. some API 's run after windows complete start up.

• Anonymous
  October 05, 2012
  I would suggest a major update/upgrade to IE9 . Uninstall it and install firefox, chrome or safari !