Microsoft offers temporary fix for live Internet Explorer exploit

Share this article:

A one-click workaround is now available to protect against a zero-day vulnerability affecting version 8 of Internet Explorer (IE).

Microsoft on Wednesday evening EST announced that it has made a Fix-It available to address "known attacks that leverage the vulnerability to execute code," according to a blog post from Dustin Childs, a company spokesman. No restart is required.

Users running IE versions 6, 7, 9 and 10 do not need to take any action.

Microsoft disclosed the vulnerability over the weekend after reports emerged of a "watering hole" attack targeting a section of the U.S. Department of Labor website, with the intended targets apparently being those who conduct nuclear weapons research.

No fewer than nine other sites also were clandestinely seeded with an exploit that takes advantage of the vulnerability. Each of the affected sites are related to energy-related organizations, and researchers believe the malware campaign has been ongoing since mid-March.

It is unknown if Microsoft will have a full, working patch ready for this issue by Tuesday, when it is scheduled to distribute its monthly security update.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.