The IE April 2006 security update is now available! This security update is now available via Windows Update. Alternatively, you can receive this and all other Microsoft updates available via the new Microsoft Update. I would encourage you to upgrade to Microsoft Update if you haven’t already.
This update addresses 10 security issues: 8 remote code execution vulnerabilities, one information disclosure vulnerability and one spoofing vulnerability. For more information on the contents of this update:
Microsoft Knowledge Base article: MS06-013 – Cumulative Security Update for Internet Explorer (KB# 912812)
Details on the vulnerabilities and workarounds can be found at http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx.
This is a “Critical” update and affects all supported IE configurations from IE5.01 to IE6 for XPSP2 and IE6 for Server 2003 Service Pack 1. All IE security updates are cumulative and contain all previously released patches for each version of IE. Security Updates for IE7 Beta 1 users on XPSP2 and Vista February CTP are not available today, but will be available on Windows Update within the next two weeks. I will update the blog when these are available. I encourage everybody to download this security update and other non-IE security updates via Windows Update or Microsoft Update. Windows users are also strongly encouraged to turn on automatic updates for their systems to download updates more easily.
– Charles Watanabe