Microsoft's response to broken Cumulative Patch MS03-032 -

Published by

On Monday 08 Sept 2003 we reported that Security expert http-equiv on Full-Disclosure had managed to exploit the flaw that the MS02-032 patch was supposed to fix.

Now Microsoft responsed to Neowin about the issue. "Microsoft is investigating public reports that one of the vulnerabilities that was fixed in the original update appears affected. It appears there is a new variation of the vulnerability that has caused the scare". She continued "There are no reports of user being affected by this problem, but Microsoft are committed to keeping customers data safe and are aggressively investigating these reports". She also gave advice for customers and what they should do in response to this issue. "Microsoft continues to advise customers to keep there windows systems up to date using Microsoft Windows Update website, specifically the customers should still install the Internet Explorer cumulative update ms-03-032 to help protect the original vulnerability, as well as the other issues addressed by that security update". Get more informations at Neowin