November 2013 Internet Explorer Updates

Microsoft Security Bulletin MS13-088 - CriticalThis security update resolves ten privately reported and one publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10 and Internet Explorer 11 on Windows clients and Important for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 on Windows servers. For more information, see the full bulletin.

Microsoft Security Bulletin MS13-090 - Critical

This security update resolves one publicly disclosed vulnerabilities in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10 and Internet Explorer 11 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 on Windows servers. For more information, see the full bulletin.

Recommendation.  Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.

Security Update for Flash Player (2898108)

On November 12th, a security update for Adobe Flash Player in Internet Explorer 10 and 11 on supported editions of Windows 8, Windows 8.1 and Windows Server 2012 and Windows Server 2012 R2 is also available. The details of the vulnerabilities are documented in Adobe security bulletin APSB13-26. This update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash binaries contained within Internet Explorer 10 and Internet Explorer 11. For more information, see the advisory

Most customers have automatic updating enabled and will not need to take any action because this update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

— Wilson Guo, Program Manager, Internet Explorer

Comments

  • Anonymous
    November 12, 2013
    Contribution of a report, too early !

  • Anonymous
    November 12, 2013
    Any specific reason about disabling EPM on IE/desktop by default on windows 8.1 in this update? :( the EPM had the (positive) side effect of disabling legacy ActiveX controls, which means the CardSpace flaw didn't affect win8.1 by default, and win8.1 users would have been protected against future 0day flaws in legacy ActiveX controls when EPM is enabled.

  • Anonymous
    November 12, 2013
    The comment has been removed

  • Anonymous
    November 13, 2013
    So I had another issue last night with the cookies disappearing and losing my session and login (and auto-complete) information. I was using Facebook, and I'm set to "stay logged in".  I closed the window, and then some time later (about half an hour) I opened a new tab and went to facebook... and was prompted to log in again.  It then prompted me whether I wanted it to remember my password (which it should have had recorded).  There was no auto-complete for the fields.  It was like I was hitting this page for the very first time. I wasn't aware of any pages crashing, and I didn't exist IE11 Desktop at any point in time. This sort of thing seems to be happening more and more often... more frequent in IE10 than IE9, and noticeably more frequent since updating to IE11.  And it's getting to be exceedingly annoying.  It happens on any number of sites.  Suddenly it just forgets that I've ever visited the site before, passwords are forgotten, auto-fill form entries are forgotten, the works. I really hope this is a top priority to fix in an update, because it's just beyond frustrating and annoying.

  • Anonymous
    November 13, 2013
    The comment has been removed

  • Anonymous
    November 13, 2013
    How do I remove VeriSign from IE 11, it will not let me enter passwords !

  • Anonymous
    November 13, 2013
    go hawks

  • Anonymous
    November 14, 2013
    The comment has been removed

  • Anonymous
    November 17, 2013
    The comment has been removed

  • Anonymous
    November 17, 2013
    How can I turn the automatic zoom adjust in IE 11 on Windows 8.1 (with two screens and different resolutions) off? This feature is so painfully annoying (and crappily implemented), I just can't find the right words to describe it. Who specs features like that?

  • Anonymous
    November 17, 2013
    The comment has been removed

  • Anonymous
    November 18, 2013
    Anyone know what's going on here?  Since updating my Surface Pro to Windows 8.1 and IE11, all YouTube videos just show black when I click play.  The sound is fine, and if I set it to run full screen, it plays fine, but if it's embedded in a page, it's just blank.  Any clues on how to fix this?  It feels like a video driver thing (and I've had other symptoms that seem video driver related... flashing of the screen sometimes (like the driver reset), and some weird rendering artifacts on some pages (like vertical lines on Twitter.com that come and go).  Is this a known issue?  It's a Microsoft Surface device, so I'd expect it to work flawlessly...

  • Anonymous
    November 18, 2013
    I really hope this is a top priority to fix in an update plz care tech at http://www.tech-reviews.info

  • Anonymous
    November 19, 2013
    The comment has been removed

  • Anonymous
    November 19, 2013
    my in explorer not working

  • Anonymous
    November 20, 2013
    IE is the best browser in the speed, not crash,user friendly and etc . s11.postimg.org/.../388.jpg

  • Anonymous
    November 21, 2013
    Why does IE11 crash that often while browsing a random github repository or even the main project pages?

  • Anonymous
    November 23, 2013
    Microsoft is quickly becoming rife with incompetence. I cannot believe the mistakes that are being made.  It's like amateur hour.

  • Anonymous
    November 25, 2013
    can someone tell me how to make Carnegielearning work in internet explorer  When we log in as soon as it tries to open it closes the window

  • Anonymous
    November 25, 2013
    Microsoft, please do the world a favor give up development of IE.  For years, it has stifled advancement of web development.  If you insist on having a Microsoft branded browser in your operating system, there are plenty of far superior open source (gasp!) alternatives for rendering, JS, etc.