Article

Microsoft to release emergency bulletins for Visual Studio, IE

SearchSecurity.com Staff

Microsoft plans to release two out-of-band security bulletins Tuesday to plug security vulnerabilities in Visual Studio and Internet Explorer (IE).

    Requires Free Membership to View

SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

In a Microsoft Security Bulletin advance notification, the software giant said application developers should be aware of updates.

"While we can't go into specifics about the issue prior to release, we can say that the Visual Studio bulletin will address an issue that can affect certain types of applications," wrote Mike Reavey, group manager at the Microsoft Security Response Center in the MSRC blog. "The Internet Explorer bulletin will provide defense-in-depth changes to Internet Explorer to help provide additional protections for the issues addressed by the Visual Studio bulletin."

The Visual Studio update is rated as moderate. Reavey said the IE update will also address vulnerabilities rated as Critical that are unrelated to the Visual Studio bulletin. The vulnerabilities were privately and responsibly reported, he said.

Recent Microsoft updates:
July - Microsoft repairs critical DirectShow, Video ActiveX vulnerabilities The software giant issued six updates this week as part of its Patch Tuesday updates. Three bulletins were rated critical.

June - Microsoft patches WebDAV security vulnerability in bevy of updates: Zero-day flaws in Microsoft Internet Information Services (IIS) Web server and Internet Explorer were among 31 vulnerabilities repaired Tuesday.

On July 14, Microsoft repaired critical zero-day flaws affecting the video streaming technology in Windows, as part of its monthly Patch Tuesday updates. It left a newly discovered hole in Office Web Components wide open, despite being actively targeted by hackers.

Microsoft repaired a flaw related to its DirectShow video streaming software, identified in May, as well as a recently reported Video Controller ActiveX control flaw. The vulnerabilties were being actively targeted in ongoing attacks.

The Office Web Components allow users to view spreadsheets, charts and databases on the Web. Microsoft said the vulnerability is in the Spreadsheet ActiveX Control, which is used by IE.

Microsoft is hosting two webcasts to address customer questions on the out-of-band bulletins at 1 p.m. and 4 p.m. PT on Tuesday. Registration is required.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: