Microsoft Plans to Fail – Two Critical Bugs Left Unpatched

Next week, Microsoft’s first Patch Tuesdayfor 2011 will occur. A post in the Microsoft Security Response Center blog, outlines the planned patches. It appears that it’s going to be a smaller download than the 17 patches in December. That would be welcome, but the January downloads won’t include fixes for two serious flaws.

malwareThey said This month we will not be releasing updates to address Security Advisory 2490606 (public vulnerability affecting Windows Graphics Rendering Engine) and Security Advisory 2488013 (public vulnerability affecting Internet Explorer). We continue to actively monitor both vulnerabilities and for Advisory 2488013 we have started to see targeted attacks.

The Internet Explorer vulnerability affects nearly every PC running today. The Graphics Engine bug was only recently revealed at the POC conference a few days ago. It affects XP, Vista and 7 machines. We can forgive them for not reacting fast on the second one, but the other has been around long enough for at least a temporary fix to have been approved.

newyear-iconWe can’t wait much longer for these fixes. With users already seeing targeted attacks, Microsoft needs to recover from their New Year’s hangover and get back to work.

Published by

Clif Sipe

Promoting Freeware and Free information since 2004. Owner of with over 2000 pages of freebies. Please subscribe to my Google Feed or follow me on Twitter @clifnotes.