TNW Conference 2022 will be bigger, bolder, and better! Get your tickets now >>

The heart of tech

This article was published on April 10, 2013

Microsoft’s Patch Tuesday updates fail to address Pwn2Own-found flaws in Internet Explorer

Microsoft’s Patch Tuesday updates fail to address Pwn2Own-found flaws in Internet Explorer
Alex Wilhelm
Story by

Alex Wilhelm

Alex Wilhelm is a San Francisco-based writer. You can find Alex on Twitter, and on Facebook. You can reach Alex via email at [email protected] Alex Wilhelm is a San Francisco-based writer. You can find Alex on Twitter, and on Facebook. You can reach Alex via email at [email protected]

Today as part of its regular Patch Tuesday cycle of updates to its various software products, Microsoft released 9 bulletins that included fixes for a total of 14 vulnerabilities. It wasn’t a heavy set of updates compared to prior months. Which is in some way a problem, as a key flaw in Internet Explorer wasn’t addressed as part of the mix.

This isn’t to say that Internet Explorer received no love in the month’s updates, in fact in the eyes of Qualys, a security company, “the most important bulletin to apply to your infrastructure is MS13-028, which contains a new release of Internet Explorer (IE) covering all versions of the browser starting with IE6 going to IE10.”

However, that in mind, issues uncovered during the “Pwn2Own” competition are not addressed. According to IDG as published in ComputerWorld, competing browsers have already patched the bugs unearthed by the competition.

In the view of Qualys, however, it could simply be a timing issue, with the delay “most likely due to the time constraints imposed by the quality assurance (QA) work necessary for an IE release.” Still, it’s not good for Microsoft to trail its competitors in any way, especially following the amount of work that the company has invested in rebuilding the Internet Explorer brand.

For a full stroll down the new set of updates, head here. Also included in the mix is an update to Flash, as you will surely be surprised to hear.

The next question becomes when Microsoft will fix the Pwn2Own bugs, and if it will wait until May’s patching event.

Top Image Credit: Mike Shelby

Get the Microsoft newsletter