TechTarget

Downloads of unofficial IE fix hit 95,000

So far 95,000 Internet Explorer users have downloaded an unofficial patch to fix a critical security flaw in the browser.

So far 95,000 Internet Explorer users have downloaded an unofficial patch to fix a critical security flaw in the...

browser.

The patch was issued by eEye Digital Security earlier this week when exploit code for the IE flaw started to appear on the internet.

Rival intrusion detection firm Determina followed suit and also issued its own unofficial patch
.
Both patches are not sanctioned by Microsoft, which is still working on its own official fix. It is not known how many users have so far downloaded the Determina patch.

The Microsoft patch is expected to be issued by 11 April at the latest, which is the company’s scheduled security patching date. But because the threat of the flaw is increasing, the company said it has not ruled out releasing a fix earlier.

Microsoft does not sanction the use of unofficial patches, as it says they could potentially affect the way other IE and Windows components usually work.

The vulnerability is found in the way IE processes "createTextRange()" JavaScript, and is currently being exploited by hundreds of malicious websites which are trying to tempt users with rogue e-mail links.

Internet security company Websense has warned users to be on the look out for spoof e-mails pertaining to be from the BBC, which have web links carrying users to malicious sites.

Users think they are being taken to a news story, but once there they are infected with a Trojan virus and key-logging software.

In addition to the critical flaw that has made it into the wild, Microsoft is also considering two other security flaws found in its browser last week.

 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close