Microsoft has postponed a planned fix for its August cumulative patch for Internet Explorer due to new issues, while at the same time acknowledging the first patch also opened users up to a code execution attack.

The existence of a vulnerability in the patch was first announced by eEye Digital Security, which Microsoft has chided for publicly disclosing the flaws. However, eEye defended itself, saying that it had only mentioned that the patch was indeed exploitable, noting that the Redmond company had released the most details on the problem itself. Continue reading…

Postpones Fix for Patch