In response to highly publicised attacks reportedly exploiting a zero-day (without protection) vulnerability in the Microsoft Internet Explorer web browser, Microsoft has released, out-of-band, security bulletin MS10-018 addressing nine privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer.

This bulletin is:

• MS10-018 affecting Microsoft Internet Explorer.

While the publicised issue so far only affects Internet Explorer v6 and v7, this cumulative update also addresses nine other vulnerabilities affecting multiple versions of Internet Explorer (including v8). The updates to address these issues have now been released by Microsoft and are available for installation.

To provide the best and fullest protection, we recommend that all customers apply the Microsoft updates and patch as soon as possible.

The Network Box supplemental MAPP report on this issue is available as a PDF here.

Network Box Security Response
March 2010

Back