When there’s an out-of-cycle update from Microsoft, it’s almost always one we want to install quickly.
This special edition of Patch Watch has two critical fixes that should be added to Windows workstations without delay.
Critical zero-day patch for Internet Explorer
In the Jan. 10 Patch Watch, I recommended that Internet Explorer 6, 7, or 8 users install fixit 50971 to block a new exploit that’s already attacking PCs. At that time, there was no patch available. But there is now; this past Monday, Microsoft released an out-of-cycle patch, KB 2799329, rated critical for all client versions of Windows using IE 6 through 8. PCs running IE 9 and 10 are unaffected.
An important note: According to the FAQ in MS Security Bulletin MS13-008, cumulative update KB 2761465 (MS12-077) must be installed before installing KB 2799329. In Windows Update, click the View update history link, look for KB 2761465, and confirm it’s on your system.
What to do: Install KB 2799329 (MS13-008) as soon as possible. If you installed fixit 50971, remove it after installing the patch by running its companion fixit: 50972. Removing it should restore any lost browser speed you might have encountered.
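The same prerequisite check can be scripted. The PowerShell below is an added example, not part of the original article or Microsoft's bulletin: it reads the IE version from the registry, looks for both KB numbers named above, and prints the next step. The function names are hypothetical, and because Get-HotFix does not list every kind of update, a "not found" result should be confirmed against the Windows Update history.

```powershell
# Added example. KB numbers and affected IE versions are taken from the article.
$prereq = 'KB2761465'   # MS12-077 cumulative update (must be installed first)
$patch  = 'KB2799329'   # MS13-008 out-of-cycle fix

function Get-IEMajorVersion {
    # Hypothetical helper: returns the IE major version, or $null if not found.
    $key = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Internet Explorer' `
                            -ErrorAction SilentlyContinue
    if (-not $key) { return $null }
    # IE 10 and later store the real version in svcVersion; IE 6-9 use Version.
    $raw = if ($key.svcVersion) { $key.svcVersion } else { $key.Version }
    if (-not $raw) { return $null }
    $major = ($raw -split '\.')[0]
    return [int]$major
}

function Test-HotFixInstalled([string]$Id) {
    # Hypothetical helper: $true when Get-HotFix reports the update.
    [bool](Get-HotFix -Id $Id -ErrorAction SilentlyContinue)
}

$ie = Get-IEMajorVersion
if ($null -eq $ie) {
    Write-Output 'Internet Explorer version not found in the registry.'
} elseif ($ie -ge 9) {
    Write-Output "IE $ie is not affected; $patch is not needed."
} elseif ($ie -lt 6) {
    Write-Output "IE $ie is outside the IE 6-8 range the article covers."
} elseif (Test-HotFixInstalled $patch) {
    Write-Output "$patch is installed. If fixit 50971 was applied, run fixit 50972 to remove it."
} elseif (Test-HotFixInstalled $prereq) {
    Write-Output "Prerequisite $prereq found; install $patch now."
} else {
    Write-Output "$prereq not reported; confirm in update history, install it, then install $patch."
}
```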
Java: Use it if you must; lose it if you can
Like browsers, Java is one of those apps you really need to keep updated. But, unlike a browser, you might be better off living without Java. So before installing Java 7 Update 11, consider whether any of your applications or computing tasks needs Java to run. If you’re not sure, uninstall Java completely from your Windows workstation and see whether anything breaks.
In some cases, you can keep Java on your system but disable it in your browser. An easy way to do this is through the Java Control Panel, which should reside in your Windows Control Panel. If you don’t see Java’s control panel, it’s because you’re not running Java 7 Update 10 or 11. Proceed to the Oracle Java download page and install Version 7 Update 11. Be sure to untick any offered — but unwanted — accessory apps, such as the McAfee security software Oracle tried to foist on me.