ActiveX Control issue being addressed in Update Tuesday

Late last Friday, November 8, 2013, a vulnerability, CVE-2013-3918, affecting an Internet Explorer ActiveX Control was publically disclosed. We have confirmed that this vulnerability is an issue already scheduled to be addressed in “Bulletin 3”, which will be released as MS13-090, as listed in the November Advanced Notification Service (ANS). The security update will be… Read more

Fix it for Security Advisory 2794220 now available

We have updated Security Advisory 2749920 to include the Fix it we discussed in Saturday’s blog post.  This easy, one-click Fix it is available to everyone and prevents the vulnerability from being used for code execution without affecting your ability to browse the Web. Additionally, applying the Fix it does not require a reboot. While… Read more

Additional information about Internet Explorer and Security Advisory 2757760

We will release a Fix it in the next few days to address an issue in Internet Explorer, as outlined in the Security Advisory 2757760 that we released yesterday.   While we have only seen a few attempts to exploit the issue, impacting an extremely limited number of people, we are taking this proactive step… Read more