Network Computing is part of the Informa Tech Division of Informa PLC
Microsoft Re-patches Repatch, Issues Third Fix For IE Flaws
Among the patches posted Tuesday by Microsoft Corp. in its regular monthly release was a re-repatch of a fix for Internet Explorer that had already been pushed to users twice.
The Tuesday re-release of MS06-042, which debuted Aug. 8, included fixes for 10 vulnerabilities -- two more than in the original -- because of yet another bug uncovered by eEye Digital Security, a California-based company that was blasted last month by Microsoft for not abiding by its unwritten vulnerability disclosure rules.
The newly-patched bug in IE was reported by eEye to Microsoft Aug. 24, the same day that the Redmond, Wash.-based developer issued its first re-release of MS06-042 to fix another flaw it had overlooked. This second bug, said eEye in an online advisory, is "almost identical" to the vulnerability it spotted in August. Like that flaw, the new problem is in how IE handles long URLs when users visit sites that have applied both compression and the HTTP 1.1 protocol.
Although Microsoft didn't use the term, the just-fixed vulnerability was a "regression," a bug not present earlier but introduced by an error in the patch.
"This update cycle has not been an example of our best work," admitted Tony Chor, group program manager for Internet Explorer, in an entry on the team's blog.
Recommended For You
From infrastructure to app delivery, from data to applications, it’s past time to modernize your practices, processes, and providers to ensure you’re able to take advantage of AI and whatever comes next.
What skills do network managers really need to properly secure industrial networks? What new protocols, frameworks, and regulations are important? And what conferences and certifications can help? Here are five tips to get started.
A full-stack approach to retail edge offers retailers a way to optimize operations and adapt to changes in a post-pandemic world.