12 Feb 2014
Microsoft has issued critical-rated updates for 24 security flaws in the Internet Explorer (IE) browser, the company announced in its latest security bulletin.
The vulnerabilities affect IE versions 6 through 10 and impact Windows XP, Vista, Windows 7 and Windows 8.1.
None of the vulnerabilities is known to have been exploited but Microsoft rates 12 of them as “exploit code likely.” The most severe can allow attackers to execute malicious code remotely and gain administrative rights if users access a specifically designed website.
The two updates, for IE and VBScript, have been added to previously announced updates and have not been made public as of yesterday, the day before the scheduled February release.
“This brings the total for Tuesday’s release to seven bulletins, four Critical,” said Dustin Childs, Group Manager within the Trustworthy Computing Group at Microsoft.