After two critical cumulative updates in just weeks ...
by Volker Weber
Microsoft may be fooling the US press, but not Heise Online, where a report has just been published, quoting from Thor Laholm's site:
It seems like Microsoft are deliberately downplaying the severity of their vulnerabilities in an attempt to gain less bad press. It sure would look bad to release 2 critical cumulative updates in just 2 weeks, but that is exactly what has been done. As it stands now, the bulletin is released and most journalists willing to comment have already noticed the "Moderate" label and the extensive list of (incorrect) mitigating factors, and quite likely will not write anything on just how severe this really is. I doubt most people care to read the revisions to the bulletin that will come later.There are currently 18 unpatched publicly known vulnerabilities in Internet Explorer, of which I have labelled 6 as severe.
There is a lesson to be learned.
