1 2 3 Previous Next 23 Replies Latest reply on Sep 26, 2012 7:17 AM by Peter M

    Microsoft issues emergency FixIt for Internet Explorer

    Hayton

      This looks like a temporary measure until the unscheduled update is released for IE on September 21st

      (see http://technet.microsoft.com/en-us/security/bulletin/ms12-sep)

       

      Malware exploiting the vulnerability reported in IE has already been seen, and the standard mitigation procedures for Windows (DEP, ASLR) may not be effective against it.

       

      If you use IE, you're vulnerable to attack - especially if you use IE7 or IE8 on XP. Some security experts have been saying that all versions of IE except IE10 are totally unsafe until this is fixed and you should switch to another browser.

       

      Microsoft's temporary patch is a FixIt available at

      http://support.microsoft.com/kb/2757760

       

      For more details about this see

      http://technet.microsoft.com/en-us/security/advisory/2757760

       

      http://blogs.technet.com/b/msrc/archive/2012/09/19/internet-explorer-fix-it-avai lable-now-security-update-scheduled-for-friday.aspx

       

      This article discusses the use of Microsoft's EMET to protect applications against many common types of exploit :

      https://krebsonsecurity.com/2012/09/internet-explorer-users-please-read-this/


      Message was edited by: Hayton on 21/09/12 06:32:36 IST

       

      Message was edited by: Hayton - add link to Brian Krebs article -  on 22/09/12 16:31:03 IST
        1 2 3 Previous Next