Microsoft plans to release fix for IE zero-day vulnerability

Software giant says it will release the fix soon even though it has seen few attempts to exploit the flaw.

Microsoft said Tuesday that it plans to release a fix for the recently discovered IE zero-day vulnerability.

The fix will be released in the next few days, according to a blog post by Yunsun Wee, director of Trustworthy Computing at Microsoft.

"While we have only seen a few attempts to exploit this issue, impacting an extremely limited number of people, we are taking this proactive step to help ensure Internet Explorer customers are protected and able to safely browse online," he wrote.

The zero-day flaw affects Internet Explorer 6, 7, 8 and 9, according to a security advisory 2757760 issued by Microsoft late Monday.

Security researcher Eric Romang discovered the vulnerability over the weekend. According to researchers at Boston-based Rapid7, users' computers can become infected by visiting a malicious website. They advised users switch browsers until a security fix is available.

The fix Microsoft will release will be easy to use and will provide "full protection against this issue until an update is available," Wee wrote. Until the fix is available, users should follow the mitigations listed in Monday's advisory, he added.

 

 

Dig deeper on Windows Security: Alerts, Updates and Best Practices

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close