Microsoft via it's Windows Update facility, has released what seems to be a temporary workaround, to fix the IE flaws which were exploited last week.
Microsoft's configuration change blocks the ability of the ADODB.screen ActiveX component to write to the PC's hard drive. ActiveX, which adds interactivity to Web sites viewed with Internet Explorer, has long been thought to have security issues.
This particular vulnerability has been known about for more than 9 months, said David Endler, director of incident response for security company Tipping Point.
"Though written configuration hardening instructions have been available online for a while, it's nice to finally see this particular security tweak in Internet Explorer distributed to the masses, even if it's long overdue," he said.
- Log in to post comments