Microsoft Releases Workaround For Internet Explorer 0-Day Vulnerability
By on March 16th, 2010

Internet-Explorer-0-day-VulnerabilityMicrosoft has released a couple of workarounds for the extremely critical Internet Explorer vulnerability we had discussed earlier. The workarounds are available as Fix It solutions, which can be applied directly from the browser.

The vulnerability in question is caused by an error in the Peer Factory class (iepeers.dll) and affects Internet Explorer 6 and 7. The impact of the vulnerability has been magnified by the public availability of the exploit code as well as presence of in-the-wild malwares exploiting this vulnerability.

The first workaround simply disable Peer Factory in the concerned systems while the second one enables DEP (Data Execution Prevention) protection for older versions of Internet Explorer.

The Fix-It solutions make it aptly clear that Microsoft is taking this issue extremely seriously. An update is currently being tested internally and would be pushed out to all affected users as soon as possible. However, in the meantime users stuck with older versions of Internet Explorer should immediately apply the workarounds.

[ Download and Apply Fix-It Solutions ]

Tags: , , ,
Author: Pallab De Google Profile for Pallab De
Pallab De is a blogger from India who has a soft spot for anything techie. He loves trying out new software and spends most of his day breaking and fixing his PC. Pallab loves participating in the social web; he has been active in technology forums since he was a teenager and is an active user of both twitter (@indyan) and facebook .

Pallab De has written and can be contacted at pallab@techie-buzz.com.
  • ron sampson

    How can I manually disable PEER FACTORY in IEPEERS.dll? Retina 12428 vulnerability ID. Downloaded from http://support.microsoft.com/kb/981374 and executed ""Disable PEER FACTORY in IEPEERS.dll MS Fix It 50386 for peer factory in iepeers.dll for Internet Explorer 7 on Windows XP; executed successfully; and DEP enable MS FIX IT 50285 executed successfully. Did not aleviate vulnerability.

 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN