Two security companies have released workarounds for a serious flaw in Internet Explorer that is being exploited by hackers.
eEye Digital Security and Determina have both released workarounds for the vulnerability, which concerns the Active Scripting function.
The workarounds are designed to be used as a temporary measure until Microsoft releases its official patch, which is expected on 11 April.
eEye Digital Security said, "Organisations that choose to employ this workaround should take the steps required to uninstall it once the official Microsoft patch is released."
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Determina also recommended users uninstall its fix once the official Microsoft version becomes available.
Web monitoring company Websense has warned users of a new attack based on the security hole. It said, "Attackers have begun spamming e-mail lures in an attempt to attract users to infected websites."
The attack uses excerpts from BBC news stories and offers a "read more" link. Users who follow this link are taken to a website containing a spoofed copy of the BBC news story.
Websense said, "This website exploits the vulnerability and is currently being used to download and install a keylogger."