Microsoft’s January Patch Tuesday delivers fixes for 12 security vulnerabilities, though it is perhaps most noteworthy for what it is missing.
Security firm FireEye on Dec. 28 reported on its discovery of a new Internet Explorer (IE) zero-day flaw that is being actively exploited. Microsoft responded with a Fix it update, though a full patch is not yet publicly available.
“We’ve reviewed the information and are working on an update, which we will make available to all customers on IE 6-8 as soon as it is ready for distribution,” Dustin Childs, group manager, Microsoft Trustworthy Computing said in a statement sent to eSecurity Planet. “In the meantime, the current Fix it, mitigations and workarounds available in Security Advisory 2794220 fully protect against all known active attacks.”
Read the full story at eSecurity Planet:
Microsoft Fixes Dozen Flaws, but Not IE Zero-Day Threat, in Update
Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.