Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Patches for Internet Explorer Zero-Day Causing Problems for Many Users

Microsoft has released a new set of security patches for a zero-day vulnerability in Internet Explorer that was initially addressed on September 23. The initial updates introduced some printing issues, but the new ones also appear to be buggy.

Microsoft has released a new set of security patches for a zero-day vulnerability in Internet Explorer that was initially addressed on September 23. The initial updates introduced some printing issues, but the new ones also appear to be buggy.

Tracked as CVE-2019-1367, the flaw was classified as a memory corruption bug that could lead to remote code execution. Internet Explorer 9, 10 and 11 were found impacted, and attackers were already targeting the vulnerability, Microsoft said last month.

Adversaries looking to exploit the vulnerability would have to trick unsuspecting victims who use vulnerable versions of Internet Explorer into visiting a malicious website.

“The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user,” Microsoft explains in its advisory.

On October 3, the tech giant decided to push another set of patches for the vulnerability, explaining that some users experienced certain printing issues following the installation of the initially released patches.

“To address a known printing issue customers might experience after installing the Security Updates or IE Cumulative updates that were released on September 23, 2019 for CVE-2019-1367, Microsoft is releasing new Security Updates, IE Cumulative Updates, and Monthly Rollup updates for all applicable installations of Internet Explorer 9, 10, or 11 on Microsoft Windows,” the company says.

Advertisement. Scroll to continue reading.

While Microsoft says the cumulative patches are meant to address issues users have experienced with their printers following the installation of the initial fix for CVE-2019-1367, some complain that the out-of-band update is actually the one to cause problems.

Users took to BornCity and other websites to complain, revealing that the cumulative update is causing printing and boot issues, and, in some cases, is causing the start menu to crash.

The IE Cumulative updates, Microsoft explains, are separate from the October Update Tuesday release, which is scheduled for tomorrow, October 8.

Related: Microsoft Patches Internet Explorer Vulnerability Exploited in Attacks

Related: Google Discloses Actively Exploited Windows Vulnerability

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Sherrod DeGrippo has been appointed Head of Threat Intelligence for Palo Alto Networks Unit 42.

Christopher Porter has joined Booz Allen Hamilton as Global Chief Information Security Officer.

Yael Ben Arie has joined exposure validation company Pentera as Chief Product Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.