Microsoft patches include three critical updates

Microsoft patches include three critical updates

Microsoft has updated their aging browser yet again for the third consecutive month with critical updates released on Tuesday. The patches for Internet Explorer were for exploits, which could render the web user vulnerable to the code execution attacks. The company released in total eight updates for their products.

These patches fix three separate remote code execution flaws in the world’s most used browser. The first one of these flaw deals with the way the Internet Explorer handles JPEG images. A computer can be infected by just viewing an image containing malicious code targeted to harm the workstation. The company warned about this issue: “An attacker who successfully exploited this vulnerability could take complete control of an affected system.”

Users can also be infected if the image is sent through mail clients and viewed through affected applications like the ones using the Internet Explorer rendering engine. Other patches dealt with a cross-domain flaw in IE that could lead to system takeover and information disclosure attacks. In this case, a user can get infected on visiting a web page containing a malicious code.

The third of the critical bug is related to the process through which the web browser instantiates COM Objects that are not intended to be used in Internet Explorer. The affected Operating Systems are Windows 2000, Windows XP, and Windows Server 2003. Even the service pack 2 versions of the Windows XP Operating System are vulnerable and are advised to update their systems.