Microsoft’s Patch Tuesday updates fail to address Pwn2Own-found flaws in Internet Explorer

Microsoft’s Patch Tuesday updates fail to address Pwn2Own-found flaws in Internet Explorer

Today as part of its regular Patch Tuesday cycle of updates to its various software products, Microsoft released 9 bulletins that included fixes for a total of 14 vulnerabilities. It wasn’t a heavy set of updates compared to prior months. Which is in some way a problem, as a key flaw in Internet Explorer wasn’t addressed as part of the mix.

This isn’t to say that Internet Explorer received no love in the month’s updates, in fact in the eyes of Qualys, a security company, “the most important bulletin to apply to your infrastructure is MS13-028, which contains a new release of Internet Explorer (IE) covering all versions of the browser starting with IE6 going to IE10.”

Ever been to a tech festival?

TNW Conference won best European Event 2016 for our festival vibe. See what's in store for 2017.

However, that in mind, issues uncovered during the “Pwn2Own” competition are not addressed. According to IDG as published in ComputerWorld, competing browsers have already patched the bugs unearthed by the competition.

In the view of Qualys, however, it could simply be a timing issue, with the delay “most likely due to the time constraints imposed by the quality assurance (QA) work necessary for an IE release.” Still, it’s not good for Microsoft to trail its competitors in any way, especially following the amount of work that the company has invested in rebuilding the Internet Explorer brand.

For a full stroll down the new set of updates, head here. Also included in the mix is an update to Flash, as you will surely be surprised to hear.

The next question becomes when Microsoft will fix the Pwn2Own bugs, and if it will wait until May’s patching event.

Top Image Credit: Mike Shelby

Read next: Tumblr axes editorial team behind Storyboard on the way to profitability

Here's some more distraction