Downloads of unofficial IE fix hit 95,000


Downloads of unofficial IE fix hit 95,000

Antony Savvas

So far 95,000 Internet Explorer users have downloaded an unofficial patch to fix a critical security flaw in the browser.

The patch was issued by eEye Digital Security earlier this week when exploit code for the IE flaw started to appear on the internet.

Rival intrusion detection firm Determina followed suit and also issued its own unofficial patch
Both patches are not sanctioned by Microsoft, which is still working on its own official fix. It is not known how many users have so far downloaded the Determina patch.

The Microsoft patch is expected to be issued by 11 April at the latest, which is the company’s scheduled security patching date. But because the threat of the flaw is increasing, the company said it has not ruled out releasing a fix earlier.

Microsoft does not sanction the use of unofficial patches, as it says they could potentially affect the way other IE and Windows components usually work.

The vulnerability is found in the way IE processes "createTextRange()" JavaScript, and is currently being exploited by hundreds of malicious websites which are trying to tempt users with rogue e-mail links.

Internet security company Websense has warned users to be on the look out for spoof e-mails pertaining to be from the BBC, which have web links carrying users to malicious sites.

Users think they are being taken to a news story, but once there they are infected with a Trojan virus and key-logging software.

In addition to the critical flaw that has made it into the wild, Microsoft is also considering two other security flaws found in its browser last week.


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy