IE flaw fixed for Microsoft’s last patches of 2009

red cross

Microsoft will fix a zero-day flaw in Internet Explorer (IE) 6 and 7 in its final patches of the decade.

Next week's Patch Tuesday will see six new security bulletins fixing 12 vulnerabilities in Windows, IE and Office products.

In a blog post, Jerry Bryant of the Microsoft Security Response Centre said the update would touch all supported versions of Windows and IE. On the Office side, the bulletins would affect Project, Word and Works 8.5.

All of the updates would require restarts so he urged IT departments to plan accordingly.

Bryant also said Microsoft was aware that customers were concerned about the IE flaw and that a proof of concept exploit was already out in the wild.

Microsoft will hope that December's update doesn't attract as much attention as November's, where security company Prevx falsely accused the patches of causing the black screen of death' for some Windows users.

Prevx later issued an apology to Microsoft, as it became clear that the security update had nothing to do with the problem.