Archive for November, 2012

Internet Explorer 10 Release Preview Is Available Now for Windows 7

November 13, 2012

Windows: Microsoft’s latest browser, Internet Explorer 10, is now available as a release preview for Windows 7. Beside new touch-friendly controls, IE10 promises faster delivery of web pages and enhanced security.

The Windows 7 version, like IE10 already available in its final version on Windows 8 and Windows RT, has “Do Not Track” privacy turned on by default. Other new features include download protection and location bar autocomplete.

The touch interactions (e.g., swipe to read additional pages instead of clicking on links) are a big feature of IE10, but you’ll best experience that on Windows 8 with a touch-capable computer.

Still, if you’d like to kick the tires on the faster, more secure version of Internet Explorer, it’s available now at the download link below. If you have auto-update turned on in Internet Explorer 9, you’ll also automatically get IE10 when it becomes available in its final form. Sorry, Windows Vista and XP users; no release preview for you.

Download Internet Explorer 10 Release Preview | Microsoft

Microsoft Patches 19 Security Holes

November 13, 2012

Microsoft today issued six software updates to fix at least 19 security holes in Windows and other Microsoft products. Thirteen of those vulnerabilities earned a “critical” rating, which means miscreants or malicious code could leverage them to break into vulnerable systems without any help from users.

Of note in these patches is a critical update for Internet Explorer 9 that fixes three flaws in IE (these bugs do not exist in older versions of IE, according to Microsoft). Other critical updates address extremely dangerous flaws in core Windows components, such as the Windows shell and Windows Kernel; these vulnerabilities are present in nearly all supported versions of Windows.

All of the critical updates earned the most dire marks on Microsoft’s “exploitability index,” which tries assess the likelihood that attackers will devise remote of code execution attacks and denial of service exploits within 30 days of a security bulletin release.

Also included among the critical patches is an update for Microsoft’s .NET Framework. I mention this one separately because in the few times I’ve had troubles after applying Windows security updates, a .NET Framework patch has always been part of the mix. My update this time around went fine (albeit a tad slowly) on a Windows 7 system, but if you experience any issues applying these patches, please leave a note in the comments section below.

Other vulnerabilities addressed in today’s update batch include flaws in Microsoft Excel and Microsoft Internet Information Services (ISS). A summary of the bulletins released today is available at this linkWolfgang Kandek, chief technology officer at Qualys, has put together a readable blog post with some additional thoughts on the severity and relative urgency of today’s patches.