IE cumulative update



For the second month in a row, Microsoft has released a cumulative update for Internet Explorer, patching a number of critical remote code execution vulnerabilities in the browser, including one previously disclosed. It also patched a serious kernel mode driver vulnerability that could enable attackers to gain root access to a machine using a malicious USB drive, a la Stuxnet.

Internet Explorer continues to dominate Microsoft’s 2013 security updates. Among the 12 bulletins and 57 vulnerabilities patched in today’s release was a cumulative update for the maligned browser and another fix for a bug being exploited in the wild.Last month, an out-of-band fix for IE 6-8 patched zero-day flaws being exploited in a series of watering hole attacks against government, telecommunications, manufacturing and human rights sites.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.