Microsoft Fixes Critical Internet Explorer Bugs for May Patch Tuesday

As part of its Patch Tuesday for May, Microsoft fixed 33 vulnerabilities across ten bulletins in Internet Explorer, Office applications, Windows, .NET framework, and Lync. There are eight patches ranked as Important, which affect a range of technologies and products including Microsoft Word, Publisher, Visio, and Lync as well as the .NET framework and the Windows kernel. The remaining two patches (MS13-037 and MS13-038) are both rated Critical, and both address vulnerabilities in Internet Explorer.

The flaws in IE have been used by cyber criminals to attack United States government websites and steal information related to government employees. Most recently, the vulnerabilities were exploited by hackers targeting U.S. Department of Labor workers.

MS13-037 patches 11 privately reported vulnerabilities in all versions of Internet Explorer 6 and above, including for Windows 8 devices and Windows RT-based tablets. The most severe vulnerability would allow hackers to install malware on an affected machine through a specially-crafted webpage. Microsoft said lower user permissions would mitigate the damage caused by such malware.

MS13-038 relates to the recent "nuke-bug" flaw in Internet Explorer 8, which was discovered earlier this month.

Read more -here-

• Dropbox breach exposes customer credentials, authentication data
• Google: Passkey authentications top 1 billion across 400 million accounts
• FTC fines Razer for misrepresenting COVID masks as N95s
• FCC fines Verizon, AT&T other major carriers nearly $200 million for sharing customer data
• Federal regulators accuse Amazon executives of deleting messages
• FCC restores net neutrality rules