Microsoft’s Patch Tuesday updates fail to address Pwn2Own-found flaws in Internet Explorer

Microsoft’s Patch Tuesday updates fail to address Pwn2Own-found flaws in Internet Explorer

Today as part of its regular Patch Tuesday cycle of updates to its various software products, Microsoft released 9 bulletins that included fixes for a total of 14 vulnerabilities. It wasn’t a heavy set of updates compared to prior months. Which is in some way a problem, as a key flaw in Internet Explorer wasn’t addressed as part of the mix.

This isn’t to say that Internet Explorer received no love in the month’s updates, in fact in the eyes of Qualys, a security company, “the most important bulletin to apply to your infrastructure is MS13-028, which contains a new release of Internet Explorer (IE) covering all versions of the browser starting with IE6 going to IE10.”

F**k it, we'll do it live!

Our biggest ever edition of TNW Conference is fast approaching! Join 10,000 tech leaders this May in Amsterdam.

However, that in mind, issues uncovered during the “Pwn2Own” competition are not addressed. According to IDG as published in ComputerWorld, competing browsers have already patched the bugs unearthed by the competition.

In the view of Qualys, however, it could simply be a timing issue, with the delay “most likely due to the time constraints imposed by the quality assurance (QA) work necessary for an IE release.” Still, it’s not good for Microsoft to trail its competitors in any way, especially following the amount of work that the company has invested in rebuilding the Internet Explorer brand.

For a full stroll down the new set of updates, head here. Also included in the mix is an update to Flash, as you will surely be surprised to hear.

The next question becomes when Microsoft will fix the Pwn2Own bugs, and if it will wait until May’s patching event.

Top Image Credit: Mike Shelby

Read next: Tumblr axes editorial team behind Storyboard on the way to profitability

Shh. Here's some distraction