Microsoft's Internet Explorer (IE) browser received a critical update released on Tuesday, June 9, 2013, which the Window's software-maker is urging users to download and install as soon as possible. The July security fix for Internet Explorer contains a number of critical patches to Microsoft software, with 34 bugs patched in all.
Of the 34 vulnerabilities reported and patched in Microsoft's security bulletins, 17 are said to affect Internet Explorer (IE). Therefore the company is classifying the fix as critical and recommending immediate software update by Internet Explorer browser users. (For instructions on how to download and install the latest Internet Explorer update, scroll to the bottom of the article to our simple tutorial.)
What Does July's Internet Explorer Browser Update Fix? TrueType Fonts Hold Multiple Vulnerabilites
Microsoft's July security fix bulletins indicate that a number of the vulnerabilities discovered this month are related to TrueType fonts. TrueType fonts have become wildly popular on the Internet because of the multiple advantages they offer in attractive rendering of fonts at various sizes in both print and on screen. Most of the vulnerabilities related to fonts have to do the way they are rendered via Windows software or Internet Explorer.
According to Qualys' chief technology officer, Wolfgang Kandek, when speaking with ComputerWorld, "Fonts have become really complicated ... there is real processing going on when you print a character, and that complexity can be attacked."
Fonts were particularly problematic this month, and three out of the six security bulletins issued by Microsoft this month were related to fonts. Even seeing this many bulletins in a month period is fairly unusual, as generally there are only two or three.
The 17 vulnerabilities related to font-rendering in Internet Explorer reportedly will affect five different version of the IE browsing software. Version's 6, 7, 8, 9 and 10 of Internet Explorer browser are all affected by the latest font vulnerabilities and therefore all IE users on Windows XP, Windows Vista, Windows 7, Windows 8, Windows Server 2003, Windows Server 2008 or Windows RT should update their software today.
"Researchers continue to find flaws in IE, and the attack surface is pretty big..." said Kandek.
Why Updating Internet Explorer Browser Is Important
So how do these latest vulnerabilities attack your machine? Basically, if utilized, these latest vulnerabilities can embed malicious code into the descriptions of TrueType fonts, and can then gain access into parts of your computer's memory or processes. Memory corruption can be a serious problem leading to crashes and, in some cases, the need to completley wipe the computer's memory in order to fix.
"Depending on where this happens, this can be quite serious ... Windows, for instance, renders all characters onto the screen as a system user, not as a standard user, which has fewer system privileges. An exploit of a font-rendering vulnerability could go right into the operating system and take control at that level," Kandek said.
One of the biggest problems that arises and can cause large groups of individuals to become infected with an IE virus is that companies or organizations are often slow to update software, opting to keep older version of browsers. However, even though a mass upgrade may seem tedious, it is well worth the time.
It seems researchers have discovered one of the reported vulnerabilities fixed in July's Internet Explorer browser patches has already been proven exploitable and can run on the Metasploit penetration-testing software.
Anyone running Microsoft Internet Explorer on Windows XP, Windows Vista, Windows 7, Windows 8 and Windows 2008, Windows 2012 and Windows RT is advised to download and install the latest update right away.
How To Download And Install Microsoft Internet Explorer (IE) Critical Update [TUTORIAL]
For Manual Download and Install
1. Go to the Internet Explorer Downloads website.
2. Follow the directions given
How To Turn On Automatic Internet Explorer Updates
1. Click Start, and then click Control Panel.
2. Depending on which Control Panel view you use, Classic or Category, do one of the following:
a. Click System, and then click the Automatic Updates tab.
b. Click Performance and Maintenance, click System, and then click the Automatic Updates tab3.
3. Click the option that you want. Make sure Automatic Updates is not turned off.
For More Critical Software Update Tutorials See: