Slashdot Mirror

← Back to Stories (view on slashdot.org)

Uber-patch for Internet Explorer

Posted by michael on from the repatch-and-sin-no-more dept.

malevolence writes: "According to The Register, Microsoft has released an Uber-Patch for Internet Explorer that fixes all known security problems, as well as 3 new ones, including the content-type issue that was reported on slashdot a few days ago."

5 of 590 comments (clear)

  1. Download URLs by nstrom · · Score: 5, Informative

    Here's the direct download URLs, so you don't have to wade through MS's crufty site:

    for IE6:
    http://download.microsoft.com/download/IE60/secpac 23/6/W98NT42KMeXP/EN-US/q313675.exe
    for IE5.5:
    http://download.microsoft.com/download/ie55sp2/sec pac23/5.5_SP2/WIN98Me/EN-US/q313675.exe

    These updates have not yet appeared on Windows Update.

  2. It's not just IE - other apps need this! by PacketMaster · · Score: 5, Informative

    It's also important to note that it's not just users of IE as their browser that are affected by this bug. Lots of Windows programs took a shortcut (Eudora being a prime example) and used MSHTML.DLL as the rendering engine for their application. Any application that displays HTML and uses MSHTML.DLL and has IE5.5 or IE6 should install this patch IMMEDIATELY.

    --

    Some people take their .sig way too seriously

  3. Re:not too bright by jvj24601 · · Score: 5, Informative
    I downloaded the 2.15 mb patch. I try to run it, and I get a prompt that I need IE5 Service pack 2 installed. That's it, it doesn't supply a link, it doesn't try to download it, nothing. Microsoft rushed this one out.

    The update only works with IE 5.5 or 6.0. You might be running 5.0.

    Interesting note: If you read the bulletin and click on the Technical Details submenu, you'll find the worst part:

    "Microsoft tested Internet Explorer 5.5 and 6.0 to assess whether they are affected by these vulnerabilities. Previous versions are no longer eligible for hotfix support."

    As someone who does some sysadmin stuff at work, I didn't know this before. This means that a large majority of users (as far as my limited experience goes) that still use IE 5.0 will still have exploit available that won't be tested nor fixed. Wow...
  4. Slashdot Inconstancies by Captain_Frisk · · Score: 5, Informative
    Seriously guys calm down.

    Yesterday you bashed MS for not going public about anything, and now you bash them for patching the program. Short of open sourcing everything, is there anything they could do that would appease this croud?

    They might not get it right on the first try, but they do fix their bugs, and i think this was fairly timely, especially given the size / scope of IE.

  5. Re:Uber Patch by Anonymous Coward · · Score: 5, Informative

    Sorry to break it to you, but a significant protion of the readership *does* use IE. Rob used to publish statistics on this and stopped for obvious, embarassing reasons.