March 2013 Internet Explorer Updates

  • 發行項

Microsoft Security Bulletin MS13-021 - CriticalThis security update resolves eight privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 on Windows servers. For more information, see the full bulletin.

Recommendation. Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.

Microsoft Security Advisory (2755801)

Today we also released an update that addresses vulnerabilities in Adobe Flash Player in Internet Explorer 10 on Windows 8. The details of the vulnerabilities are documented in Adobe security bulletin APSB13-09. The majority of customers have automatic updates enabled and will not need to take any action because the update will be downloaded and installed automatically. For those manually updating, we encourage you to read the advisory and apply this update as quickly as possible.

This update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash binaries contained within Internet Explorer 10. For more information, see the advisory.

— Tyson Storey, Program Manager, Internet Explorer

Comments

  • Anonymous
    March 12, 2013
    good

  • Anonymous
    March 12, 2013
    If a user downloads and installs IE (any version), why do these updates come after installing? Why are these so-called crtitical updates not made part of the installers?

  • Anonymous
    March 13, 2013
    I'm looking google player but it sn't working For me?

  • Anonymous
    March 13, 2013
    "This security update is rated Critical for Internet Explorer 6, Internet Explorer 7..." So you mean this update patches IE6 and IE7?! - Why bother patching them!? ...if you don't release patch these old/obsolete browser, it may just encourage the tiny minority of users using IE6 & 7 to actually update their browsers to at least IE8! By continuing to "patch" IE6 and IE7 Microsoft is sending out the message that it's fine to carry on using these browser indefinitely it would seem!!

  • Anonymous
    March 13, 2013
    The only way to get them to upgrade is to convince more websites to stop supporting them.  IE6 is basically dead anyway, but IE7 hasn't quite reached that point.  But yeah, leaving security issues in isn't going to convince them to upgrade because they don't know enough about computers to even update their browser once every 5 years.

  • Anonymous
    March 13, 2013
    Are the TextArea bugs in IE10 fixed in this release? If not when are they going to be addressed as my customers are finding it really annoying. We've told most that can that upgrading from IE10 to Google Chrome solves the problem but realistically IE10 shouldn't have shipped with such a major bug.

  • Anonymous
    March 13, 2013
    Oops forgot the bug link (in case you really were not aware of it!) Bug 571: webbugtrack.blogspot.ca/.../bug-571-ie-10-textarea-focus-is-broken.html It's not quite as bad as the iOS safari bug with TextAreas that renders the keyboard useless but still a major usability issue

  • Anonymous
    March 13, 2013
    it would be nice not only to have critical updates and all the time stories about how fast IE is, but rather updates on usability like separators for bookmarks, humane bookmark-editor dialog (virtually unchanged for centuries), at all humane accesible bookmarks within modern ui version of IE, not to sort bookmarks alphabetically after an import and last but not least an ad blocker. Btw, are other browsers announced for RT?

  • Anonymous
    March 13, 2013
    When can we expect fix for tracking protection lists that are not automatically updating in IE10 (Windows 7 & 8) ?

  • Anonymous
    March 14, 2013
    Now that the MPEG LA has given up its attempt to control the VP8 license and walked away from it, all of Microsoft's questions about WebM (blogs.msdn.com/.../html5-and-web-video-questions-for-the-industry-from-the-community.aspx) have been answered. When can we expect WebM support to be built into both Windows and Internet Explorer? Further reading: blog.webmproject.org/.../vp8-and-mpeg-la.html blog.webmproject.org/.../onward.html www.w3.org/.../good_news_about_vp8_licensing.html www.robglidden.com/.../google-mpegla-vp8-mpeg-proposal

  • Anonymous
    March 14, 2013
    @GreatMarko: I personally have a vulnerability report (14136wp) related to a security bug that only affects IE7.

  • Anonymous
    March 14, 2013
    Since the latest updates went in this morning 13th March, only my home page opens in Explorer, and then not fully functioning,  No other sites will open from my favourites or from the frequent sites in a new tab. The only way to get another site is from a right click on the icon in that task bar and clicking a frequent from there. I am not even sure I will get back to this site to see if it a general or a specific problem

  • Anonymous
    March 14, 2013
    There's something wrong with IE10/Windows Updates.  I am using Windows 10 RTM on Windows 7 SP1.  My Windows Update last installed 3 updates on 12/03/2013 (KB890830, KB2807986, and KB2791765).  This update (KB2809289) is not found by my Windows Update, so I cannot install it.  Have Microsoft definitely released this on Windows Update?  If so, what's wrong?  I am now concerned that Windows Update is now missing some updates.

  • Anonymous
    March 14, 2013
    If you check the bulletin linked in the main blog post you will see IE10 on Windows 7 is not affected, though they should have made this clear in the blog.

  • Anonymous
    March 14, 2013
    The comment has been removed

  • Anonymous
    March 15, 2013
    latest verson

  • Anonymous
    March 15, 2013
    The comment has been removed

  • Anonymous
    March 15, 2013
    As of yesterday March 14, 2013 I cannot open att.net mail in Internet Explorer.  I contacted my internet provider and they said to use Safari or google chrome to open the mail.  I have never used Safari for my mail but it worked.  Still not able to open mail in Internet Explorer - att.net mail.

  • Anonymous
    March 15, 2013
    How's the TextArea fix coming? IE10 seems pretty unpolished with glaring issues like this.

  • Anonymous
    March 18, 2013
    the is very goog

  • Anonymous
    March 19, 2013
    Can someone please tell me why Microsoft decided to create the "Compatibility Button"? I truly believe it is one of the biggest fails in browser history and has set back web design and development many years. Will IE 10 have this awful feature??

  • Anonymous
    March 19, 2013
    The comment has been removed

  • Anonymous
    March 19, 2013
    rais +1

  • Anonymous
    March 20, 2013
    IE 10 is so slow.

  • Anonymous
    March 20, 2013
    The comment has been removed

  • Anonymous
    March 21, 2013
    ok