posted by Thom Holwerda on Wed 12th Apr 2006 18:30 UTC
Microsoft's dominant Internet Explorer browser has undergone a major security makeover to plug 10 vulnerabilities that puts millions at risk of PC takeover, address bar spoofing and information disclosure attacks. The monster IE update includes a fix for the 'createTextRange()' code execution flaw that caused zero-day drive-by downloads and a significant modification to the way the browser renders certain ActiveX controls. In all, Microsoft shipped five bulletins with patches for 14 different vulnerabilities in a range of Windows products. At the same time Microsoft has begun requesting that users upgrade their ME/98 machines because support ends July 11th, 2006.