Microsoft Readies Next Round of IE Patches | eWeek

Microsoft Readies Next Round of IE Patches

Jul 28, 2004
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

Microsoft officials say the company is prepping a patch for its Internet Explorer browser to plug the vulnerability exploited by the Download.Ject attacks in June. The patch is expected sometime next week, several weeks before the next scheduled batch release of security fixes.

In late June, security concerns over IE were raised following several serious exploits, including Download.Ject, which allowed Microsoft IIS (Internet Information Services) Web servers to install a keystroke logger and other malware code to steal passwords and other personal data.

While Microsoft Corp. earlier this month released a Download.Ject Payload Detection and Removal Tool, as well as an early fix described as a “configuration change” for Windows ADODB.Stream component, the company had promised customers a more comprehensive fix.

At the time, Dean Hachamovitch, who heads the IE development team, said in a public chat on the subject: “We have people working around the clock on it.”

That time looks to be soon, as Hachamovitch on Wednesday said in a weekly, security-focused Webcast that the fix will arrive sometime next week.

Read more about the issues raised in the online discussion over the use of IE in the enterprise.

A Microsoft spokeswoman declined to offer a more exact date for the release, adding that the patch would be released when the company determines it has an “effective and quality fix for all [supported] versions of IE.”

The experiences with Download.Ject and other recent shell vulnerabilities have led some IT managers to ask if the browsers themselves are to blame—or is Windows itself just not safe? Check out this face-off on the browser wars between Linux and Windows.

The forthcoming patch release is out of order, the company admits, revealing the critical nature of the patches as well as addressing the concerns expressed by customers over the recent issues with the browser. The last scheduled “Patch Day” was July 13, when the company released several “critical” updates.

Check out eWEEK.coms Security Center at http://security.eweek.com for the latest security news, reviews and analysis.

Be sure to add our eWEEK.com developer and Web services news feed to your RSS newsreader or My Yahoo page

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.