December 2013 Internet Explorer Updates

Microsoft Security Bulletin MS13-097 - CriticalThis security update resolves seven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10 and Internet Explorer 11 on Windows clients and Important for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 on Windows servers. For more information, see the full bulletin.

Recommendation.  Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.

Security Update for Flash Player (2907997)

On December 10th, a security update for Adobe Flash Player in Internet Explorer 10 and 11 on supported editions of Windows 8, Windows 8.1 and Windows Server 2012 and Windows Server 2012 R2 is also available. The details of the vulnerabilities are documented in Adobe security bulletin APSB13-28. This update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash binaries contained within Internet Explorer 10 and Internet Explorer 11. For more information, see the advisory

Most customers have automatic updating enabled and will not need to take any action because this update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

— Wilson Guo, Program Manager, Internet Explorer

Comments

  • Anonymous
    December 10, 2013
    Was hoping for more non-security fixes for IE11 as it seems pretty unreliable so far on Windows 7 at least.  Maybe there are some fixes that aren't listed in the KB.

  • Anonymous
    December 10, 2013
    I don't know which update fixed rss feeds in windows 8.1/ ie11, but thanks

  • Anonymous
    December 10, 2013
    The comment has been removed

  • Anonymous
    December 10, 2013
    The comment has been removed

  • Anonymous
    December 11, 2013
    It worked ok with Chrome. @Microsoft: Fork Chromium, change the icon to a blue "e" and call it IE12. Do the world a favor.

  • Anonymous
    December 11, 2013
    A minor frown... It would be nice, for those of us who have large set of "Home Pages" opening in various tabs when we start IE, if those URLs in the home page set were excluded from the "Frequent" window. Currently, it is full, and stays full, of all the home page set URLs, when I could wish it were populated with other things. Tried to find another way to suggest this, but it was hard to discover.

  • Anonymous
    December 11, 2013
    Was hopping that it would not CRASH so much

  • Anonymous
    December 11, 2013
    ex-Microsoft IE Team developer Eric Lawrence just posted his wish list for IE12 features and bug fixes: blogs.msdn.com/.../internet-explorer-12-wishlist-of-bug-fixes-and-new-features.aspx Needless to say he points out some good ones but more importantly other developers have added their own items to the wish list! I wonder if Microsoft will read and listen to these ideas over on his blog? (Since they typically ignore any constructive criticism posted on the IE blog)

  • Anonymous
    December 11, 2013
    I know it's not quite on-topic for this particular post, but I would echo other comments here and say I was really hoping for some stability fixes in this batch of updates.  IE11 crashes far too frequently (perhaps even a dozen times each day for me on a brand new computer with a clean install of Windows), even on Microsoft-managed sites (such as TFS online).  I don't think TFS online uses any plugins, so I'm pretty sure the issue lies in IE itself. One of our customers is just starting to move away from IE7 on XP.  They had plans to upgrade to 11 on Windows 7, but decided on 9 instead (as 11 was so unstable).  Now it will be that many more years until they can get current; they will be on 9 for a long time.  Not acceptable.

  • Anonymous
    December 13, 2013
    Windows automatically installed the update. Corrupted the computer and caused it to crash. Now in constant 'startup repair' searching for problems. At the end of that, '! Windows failed to initialize'. Gives me an option to do a system recovery. Proceed to that and computer then finds a problem and can't restore to a previous date. The next step is to do a system recovery to factory with saving my info, no avail. Final step, full factory restore, windows could not complete. Shut down...... go into startup repair diagnosis and repair details: root cause found - registry is corrupt. WHATTTTTTTT!!!!!!!!!!! all from a critical windows update.

  • Anonymous
    December 13, 2013
    I guess my fault for turning my computer on and it automatically installing on Friday the 13th.

  • Anonymous
    December 14, 2013
    Having spent almost all night on "IE not functioning properly anymore" after the MS-Update, I switched to Chrome. And wait and hope for a better IE12!