Microsoft Releases Workaround For Internet Explorer 0-Day Vulnerability
Posted By Pallab De On March 16, 2010 @ 12:02 pm In Internet Browsers | 1 Comment
Microsoft has released [1] a couple of workarounds for the extremely critical Internet Explorer vulnerability we had discussed earlier [2]. The workarounds are available as Fix It solutions, which can be applied directly from the browser.
The vulnerability in question is caused by an error in the Peer Factory class (iepeers.dll) and affects Internet Explorer 6 and 7. The impact of the vulnerability has been magnified by the public availability of the exploit code as well as presence of in-the-wild malwares exploiting this vulnerability.
The first workaround simply disable Peer Factory in the concerned systems while the second one enables DEP (Data Execution Prevention) protection for older versions of Internet Explorer.
The Fix-It solutions make it aptly clear that Microsoft is taking this issue extremely seriously. An update is currently being tested internally and would be pushed out to all affected users as soon as possible. However, in the meantime users stuck with older versions of Internet Explorer should immediately apply the workarounds.
Article printed from Techie Buzz: http://techie-buzz.com
URL to article: http://techie-buzz.com/browsers/microsoft-releases-workaround-for-internet-explorer-0-day-vulnerability.html
URLs in this post:
[1] released: http://www.ghacks.net/2010/03/16/microsoft-releases-internet-explorer-0-day-vulnerability-fix-it/
[2] discussed earlier: http://techie-buzz.com/tech-news/ie-0-day-vulnerability-code-published.html
[3] Download and Apply Fix-It Solutions: http://support.microsoft.com/kb/981374
Click here to print.