Microsoft released a new series of security patches in Internet Explorer for a zero-day bug, originally addressed on September 23. The original updates introduced some printing problems, but the new ones seem to be unstable too.
Tracked as CVE-2019-1367, the default was considered to be a memory error that could lead to execution of remote code. Internet Explorer 9, 10 and 11 have been found to be affected and vulnerability hackers had already been attacked, Microsoft said last month.
Adversaries who want to exploit the vulnerability must trick unsuspected victims to visit a malicious website using insecure Internet Explorer versions.
“The vulnerability can corrupt memory so that an attacker could run arbitrary code in the current user context,” states Microsoft in his advisory.
On 3 October, the technology giant decided to push a further package of bug fixes, stating that some users encountered some printing issues after the original patches were applied.
“To deal with known printing issues, customers can experience a new security update or IE Cumulative update released on 23 September 2019 for CVE-2019-1367 by Microsoft for all existing Internet Explorer 9, 10, or 11 installs on Microsoft Windows,” says the company.
Although Microsoft claims that the cumulative fixes are meant to address issues that users have encountered with their printers since installing the initial CVE-2019-1367 update, many argue that it actually causes problems with the out – of-band Update.
Users have complained to BornCity and other websites that cumulative changes have caused problems with printing and booting and, in some cases, caused a crash in the start menu.
According to Microsoft, the cumulative changes to IE are different from the Tuesday Release of October, scheduled for tomorrow, October 8.
Source : HackerCombat