Another unofficial IE patch offered to counter critical flaw

Another unofficial patch has been released to counter a critical flaw in Microsoft’s Internet Explorer browser.

Another unofficial patch has been released to counter a critical flaw in Microsoft’s Internet Explorer browser.

Microsoft is working on a patch which is expected on 11 April at the latest, but eEye Digital Security issued a temporary patch earlier this week, and now fellow internet security company Determina has followed suit.

Both unofficial patches combat an exploit in the wild that takes advantage of a security hole in the IE browser disclosed last week.

The unofficial patches block access to a vulnerable component in IE, preventing malicious websites from taking advantage of the vulnerability.

While it works on a patch, Microsoft advises users to disable active scripting in their browsers. eEye recommends that users only use its patch if they cannot disable active scripting, as does Determina.

Microsoft is expected to have an official patch on 11 April at the latest, as part of Microsoft scheduled security patching cycle.

Microsoft may, however, release a patch earlier if the critical threat widens. The vulnerability relates to the way IE handles the "createTextRange()" tag in web pages.

Security company Websense has so far discovered more than 200 malicious websites that exploit the flaw, meaning users that visit them could inadvertently open up their machines to remote attackers.

Microsoft does not recommend that users download the unofficial patches. It warns that the patch may affect the normal working of other Windows and IE components on their systems.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.




  • Passive Python Network Mapping

    In this excerpt from chapter two of Passive Python Network Mapping, author Chet Hosmer discusses securing your devices against ...

  • Protecting Patient Information

    In this excerpt from chapter two of Protecting Patient Information, author Paul Cerrato discusses the consequences of data ...

  • Mobile Security and Privacy

    In this excerpt from chapter 11 of Mobile Security and Privacy, authors Raymond Choo and Man Ho Au discuss privacy and anonymity ...