Microsoft Plugs Security Holes in IE

As part of the company's push for improved security throughout its software, Microsoft issued on Monday a cumulative patch for Internet Explorer correcting all known and six new vulnerabilities in the browser. An initial version of the patch dated February 7 slipped public last week, but was swiftly removed due to installation problems. The "11 February 2002 Cumulative Patch" weighs in at 2.41 MB and should be applied to IE6 and IE5.5 on all versions of Windows and IE5.01 on Windows 2000.

A company spokesperson told BetaNews, "Microsoft strongly urges all Windows users to install this fix to ensure that their systems are fully protected and has made this patch available for customers on Windows Update and via auto update in Windows XP."

Microsoft also reiterated its new priority of security, first announced in a memo by Bill Gates after coming under heavy fire by security experts for seemingly endless numbers of vulnerabilities in its products. Redmond Chief Steve Ballmer devoted the entire month of February to reviewing millions of lines of code for potential security problems.

"While this patch will address security issues for Internet Explorer to date, the entire Windows division is in the process of conducting a code review focusing completely on security. Security is priority one for Microsoft and moving forward, security will be a top priority in the development process because that is what Microsoft customers want," the spokesperson said.

Internet Explorer users may patch their system by visiting Windows Update or by directly downloading the security update.