Microsoft emergency fix kills bugs in IE, Visual Studio
Just in time
Microsoft issued two emergency updates on Tuesday to fix critical security bugs that leave users of Internet Explorer and an untold number of third-party applications vulnerable to remote attacks that completely commandeer their computers.
Most of the vulnerabilities are located in Microsoft’s ATL, or Active Template Library, which developers from Redmond and elsewhere use to write Component Object Model code, including ActiveX controls that are frequently targeted by attackers. Applications that have drawn on the buggy library may be vulnerable to attacks that allow the remote execution of malware and the interception of sensitive user information.
Read more: theregister.co.uk