The August cumulative security update for Internet Explorer 6, 7, 8, 9, and 11 is available on Windows Update. It fixes one publicly known vulnerability and 25 potentially dangerous vulnerabilities that were reported early before they were publicly disclosed. The most serious vulnerabilities relate to remote code execution if a user visits an attacker’s website. The user can then gain the same rights as the user. It also includes a new method to block ActiveX controls.
Users with UAC (User Account Control) enabled are better protected against attacks. The update is on Windows Update, so if you have automatic updates enabled, you don't need to take any special action. Otherwise, I recommend deploying this update as soon as possible, because the most vulnerable systems are in the time between the disclosure of the vulnerability and the installation of the security update.
The update is rated critical for Windows Client and Critical for Windows Server.
An update to Adobe Flash Player for Internet Explorer 2982794 has also been released, which is rated as critical.
For more information, see MS14-051 and APSB14-18.
ActiveX filtering
It has been known for several years that the biggest security risk of IE is ActiveX. It’s a framework that Windows applications use to be modular. The problem is that users don't choose a software vendor that has a mechanism to keep outdated software up to date. Many ActiveX controls remain outdated, because users do not even know that a new version is available. This means that nothing will alert them that there is a known way to attack their computer. In 2013, the share of exploits based on vulnerabilities in the Java control was 84.5% – 98.5% each month.
That’s why the developers of Internet Explorer decided to block old versions of controls. A feature called out-of-date ActiveX control blocking notifies users when they run known, outdated versions of controls, ensures that they are updated on behalf of the manufacturer, and detects the controls in use on computers in the company.
Out-of-date ActiveX control blocking will become active in a month. If there is a serious problem with it, it can be turned off by editing the registry. Just set REG_DWORD
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\VersionCheckEnabledto 0.
WebDriver support
WebDriver is a technique that allows you to control the browser with a program. It’s actually a kind of remote control for the browser. It is used to automatically verify the functionality of the website. WebDriver was introduced in IE in DC1 and is now available in version 11.
Improved WebGL
IE now supports 16-bit textures and other similar things in WebGL. On Windows 7, it uses the GPU. The result of the Khronos test increased from 89.9 to 96.8% (I wanted to include the results of other browsers for comparison, but in Chrome 36 the test did not finish and Firefox 30 crashed repeatedly).
F12 Developer Tools
Even the tools for developers have undergone many minor changes for the better. For example, in the Síť tab, you can actually see the images being transferred.