The IE Cumulative Security Update for October 2008, released on this month's Patch Tuesday, takes on six vulnerabilities. The security update addresses these vulnerabilities by modifying the way Internet Explorer handles the error resulting in an exploitable condition. What's interesting about this specific update, however, is how it underlines Microsoft's increased focus on security in its browser. According to the IEBlog:
The security update is rated Critical for all supported versions of Internet Explorer 6 and earlier. The security update is rated Important on Internet Explorer 7 on Windows XP and Internet Explorer 7 in Windows Vista. Beta versions of Internet Explorer are not vulnerable.
In other words, the security problems fixed this month mostly affect IE6, were not as serious for IE7, and did not affect IE8 at all. This is good news for the IE team, as it shows that their steps to improve security in IE are paying off. Since IE security updates are cumulative, they contain all previously-released updates for each version of Internet Explorer.
Yes, the majority of IE's market share is still IE6 (mainly due to companies who refuse to make their applications depend on anything other than version 6).
)
