Today, we released MS13-008 to address the issue described in Security Advisory 2794220. We’ve seen only a limited number of attacks through an issue in Internet Explorer 6-8, but the potential exists that more customers could be affected. The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically. For those manually updating, we strongly encourage you to apply this update as quickly as possible. As always, we recommend upgrading to Internet Explorer 9-10, as they are not impacted by this issue.

As we discussed in the ANS blog post, if you previously applied the Fix it offered through the advisory, you do not need to uninstall it before applying the security update released today. However, the Fix it is no longer needed after the security update is installed, so we are recommending that you uninstall it after you have applied the update to your system.

Please watch the video below for an overview of this security update, and you can find more information on the Microsoft Security Bulletin summary webpage.

We also invite you to join Jonathan Ness and myself for a live webcast at 1 p.m. PST today, where we’ll provide a detailed review of the bulletin and answer your questions in real-time. You can register here. I look forward to chatting with you then.

Thanks,

Dustin Childs
Group Manager
Trustworthy Computing