Microsoft Readies Next Round of IE Patches
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Microsoft Readies Next Round of IE Patches

Written By
David Morgenstern
David Morgenstern
Jul 28, 2004
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Microsoft officials say the company is prepping a patch for its Internet Explorer browser to plug the vulnerability exploited by the Download.Ject attacks in June. The patch is expected sometime next week, several weeks before the next scheduled batch release of security fixes.

In late June, security concerns over IE were raised following several serious exploits, including Download.Ject, which allowed Microsoft IIS (Internet Information Services) Web servers to install a keystroke logger and other malware code to steal passwords and other personal data.

While Microsoft Corp. earlier this month released a Download.Ject Payload Detection and Removal Tool, as well as an early fix described as a “configuration change” for Windows ADODB.Stream component, the company had promised customers a more comprehensive fix.

At the time, Dean Hachamovitch, who heads the IE development team, said in a public chat on the subject: “We have people working around the clock on it.”

That time looks to be soon, as Hachamovitch on Wednesday said in a weekly, security-focused Webcast that the fix will arrive sometime next week.

Read more about the issues raised in the online discussion over the use of IE in the enterprise.

A Microsoft spokeswoman declined to offer a more exact date for the release, adding that the patch would be released when the company determines it has an “effective and quality fix for all [supported] versions of IE.”

The experiences with Download.Ject and other recent shell vulnerabilities have led some IT managers to ask if the browsers themselves are to blame—or is Windows itself just not safe? Check out this face-off on the browser wars between Linux and Windows.

The forthcoming patch release is out of order, the company admits, revealing the critical nature of the patches as well as addressing the concerns expressed by customers over the recent issues with the browser. The last scheduled “Patch Day” was July 13, when the company released several “critical” updates.

Check out eWEEK.coms Security Center at http://security.eweek.com for the latest security news, reviews and analysis.

Be sure to add our eWEEK.com developer and Web services news feed to your RSS newsreader or My Yahoo page

David Morgenstern
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information