Nine words to ruin your Monday: Emergency Internet Explorer patch amid in-the-wild attacks Microsoft today issued a rare emergency security update for Internet Explorer to address a critical flaw in the browser that's being exploited right now in the wild. Redmond says the vulnerability, a scripting-engine memory-corruption bug designated CVE-2019-1367, can be abused by a malicious webpage or email to achieved …
Critical Security updates wouldn't be necessary if MS would let me uninstall their piece of garbage browser(s) from my OS.
Time after time after time I have to patch my servers and workstations for software we don't use or even want on our machines.
The frequency of these events is either terminal stupidity or the NSA paying off MS engineers to keep the flawed software in place.
Hardly. IE isn't even mentioned on StatCounter any more.
At ease, everyone. Carry on with your normal lives.
"Such flaws are not uncommon,"
I don't know if you were trying to be funny but I certainly laughed out loud at this.
This is why I tell people that the using Microsoft, formerly WIndows, Defender is the most recklessly stupid thing you can do after walking blindfolded across a multi-lane highway. Using AV written by the same professionals who wrote the original bugs is simply not smart.
Its about time MS stopped providing IE by default on Windows 10 if less than 8% of all users are actually using it, it can be an optional download for those organisations that still require it.
And if you do still need IE for some legacy websites that won't work with other browser, FFS lock it down so it can only access those sites and not be allowed to go out onto the rest of the internet.
For those wondering about WSUS.....
Q: How do I get the update for this issue?
A: On Monday, September 23, 2019, the fix for this issue will be available via the Microsoft Update Catalog. On Tuesday, September 24, 2019, the update will be made available via Windows Update and WSUS as an optional update. You can get the update in Windows via Settings > Windows Update > Check for Updates.
Q: Does this update require a reboot?
A: Yes – this update will require a reboot.
Q: Why is this update being offered as an optional update, and not offered automatically to all Windows clients and servers?
A: Because this update requires a reboot, we are making it optional now to give users and administrators a choice to install/deploy the update. This update will be offered as an automatic update in the next monthly Update Tuesday release.
Q: Where can I find the status of documented issues from previous Windows update releases?
A: You can find the status of documented issues in the Known Issues section of the KB article for the respective update. The status of documented issues in previous Windows updates are also summarized in the Windows Release Information portal: https://docs.microsoft.com/windows/release-information/.
(from a premier comms email)
"On Monday, September 23, 2019, the fix for this issue will be available via the Microsoft Update Catalog. On Tuesday, September 24, 2019, the update will be made available via Windows Update and WSUS as an optional update. You can get the update in Windows via Settings > Windows Update > Check for Updates."
It's the 25th and it STILL isn't available in Windows Update! So, I installed it manually...
If you remove [Internet Explorer] folder inside [Program Files], you will delete a system file named ieproxy.dll which is responsible for the Safely Remove Hardware option. Which means any USB pendrive or USB devices you live-insert cannot be safely removed. I too was perplexed as to why SAFELY REMOVE feature needs INTERNET EXPLORER to function properly.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
