back to article Microsoft issues emergency IE bug patch

Microsoft has released a 26.9MB patch which fixes five vulnerabilities, including the zero day flaw that is cracking Windows systems via the most common versions of Internet Explorer. The MS12-063 update provides a fix for the flaw, which is in use by hackers against some companies. The patch also has four more flaw-fixes, …


This topic is closed for new posts.
  1. Anonymous Coward

    Thanks MS for the patch.

    Unlike Java, adobe etc i consider 6 days resonable......

  2. Charlie Clark Silver badge

    Yes, credit to Microsoft for obviously pulling out all the stops to get the patch out so quickly.

    This doesn't excuse the initial and repeated failure of welding the browser to the OS. If the experience at one of my customers is anything to go by, where the majority of the company's own websites didn't work properly because Javascript was disabled, is anything to go buy, then Microsoft has suffered massively as a result. I wouldn't mind betting that IE 10 may well be the last version of Microsoft's own browser.

    1. Jordan Davenport

      If you hadn't noticed, Windows 8 has welded IE even deeper than ever before by using its libraries in conjunction with the new WinRT runtime to make new Windows Store apps*. (Yes, I know, RAS Syndrome.)

      I mostly agree with your post except the part about IE10's being the last version. Even if it weren't so deeply meshed into the core now, Microsoft would surely continue developing it simply because some people can't easily switch. Now though, they've cemented it into existence, for better or for worse. That said, it at least isn't the old dog it used to be and does at least attempt to adhere to standards. And after all, healthy competition is good for the consumer.

      * Note: Name subject to change by the week.

      1. Charlie Clark Silver badge

        @ Jordan

        It's exactly that welding that is the risk that it's worth betting against. Microsoft has poured millions into IE 10 whereas they could have had a similar framework for a lot less by buying Palm. If a similar exploit turns up for IE 10 then they will have to look for an alternative: Ballmer and the whole IE team would have to go. No idea whether it's likely to happen but IE 9 was supposed to be a complete rewrite and we've seen where that led to.

    2. John Sanders


      " If the experience at one of my customers is anything to go by, where the majority of the company's own websites didn't work properly because Javascript was disabled, is anything to go buy, then Microsoft has suffered massively as a result."

      Do you see people leaving windows in droves? No, then Microsoft is not suffering.

      MS has a prisoner market.

      1. Charlie Clark Silver badge

        Re: Suffering

        Do you see people leaving windows in droves? No, then Microsoft is not suffering.

        Even if people do leave in droves Microsoft's bottom line wouldn't suffer immediately as it's already sold the licences. However, given the amount of work that the IT departments have had this week, you can be sure that there will be consequences such as the accelerated roll out of alternative browsers just so that staff can actually use company sites.

        1. John Sanders

          Re: Suffering

          @Charlie Clark

          Charlie, business will spend thousands of pounds in network intrusion equipment, spend countless hours implementing draconian GPOs, will spend weeks patching servers that have to (sometimes) be rebooted several times for a fix on a minor component, will spend thousands on ineffective anti-virus software, etc.

          They would double, even triple or quadruple the amount they spend now if they have to. They will not leave windows, they need to run some silly something called "insert name of software here" that only happens to run on Windows.

          1. Anonymous Coward
            Anonymous Coward

            Re: Suffering@ John Sanders

            What point are you actually trying to make here? You say they won't leave Windows because they have "some silly something ... that only happens to run on Windows." First off, calling something silly because it only runs on WIndows is pointless. Why do derisive remarks that really achieve nothing seem to go with the penguin icon? (Rhetorical - I know the answer.) Second - if they need that software for their business (so presumably they don't think it's silly, even if you do,) and it only runs on WIndows, why in God's name would they sop using Windows? If they're going to spend all this money, most people would rather spend it on fixing what's broken but they know will do what they want than on analysing whether a switch to another operating system and software that might do the trick. How people view (note that carefully,) support is also an important factor. I imagine most businesses that are paying for software are expecting some kind of formal support (rightly or wrongly.) Arguments such as "You can't complain - it's cost you nothing" and "You have the source - you can fix it yourself" are worthless to them. Plus on projects with smaller numbers of developers, there's always the dreaded, "Sorry - I'm not updating at the moment/ever because Real Life has intruded" problem. Suppose the Windows-only program runs in Wine. Brill - but will the vendor still support it? Unlikely - it's a get out of jail free card for them.

            So I ask again, what's your point? MS Bad? Because people release software for their OSs and not others?Doesn't work. MS users dropping themselves in 'prison' by using the software which does what they want and therefore stupid? Doesn't work either.

  3. JaitcH
    Thumb Down

    NOT a problem

    We always delete Internet Explorer from our workstations.

    It gives users piece of mind.

    1. Anonymous Coward
      Anonymous Coward

      Re: NOT a problem

      Trouble is that isn't actually possible, as MS decided to make the browser a critical part of the OS.

      So you can delete the link, but the library stays in use.

  4. John Sanders

    Could anyone...

    Remember any day of the year where IE doesn't have a zero-day exploit that can allow a malicious 3rd party to gain control of your Windows computer?

    1. Anonymous Coward
      Anonymous Coward

      Re: Could anyone...

      Oh go away fanbois....

  5. Radiodoc

    Why is it ever so - it takes THREE days to get the news here in China !!!

    I have noted that - although the link is supposedly published on FRIDAY - I FINALLY got it on Monday at 14:30 China Time = GMT +8 hours.

    i.e. ALWAYS late!

  6. dsl

    Buffer overflows & windows bugs

    Of course, microsoft makes it difficult for 'normal users' to raise issues that are likely to be buffer overruns. There is one lurking in the Outlook 2007 SP3 code that makes URLs clickable ....

    Not to mention the bug that can cause KeWaitForMultipleObjects() to spin for 15 seconds.

This topic is closed for new posts.

Other stories you might like

Biting the hand that feeds IT © 1998–2022