Third party offers temporary IE fix

by admin March 28, 2006 at 3:05 am

eEye Digital Security released a temporary fix on Monday for Internet Explorer to combat attacks that exploit a recently disclosed security hole in the browser.

The unofficial fix blocks access to the vulnerable component in the Microsoft Web browser, preventing malicious Web sites from taking advantage of the vulnerability, said Steve Manzuik, security product manager at eEye in Aliso Viejo, Calif. Microsoft does not have a fix for the flaw available yet.

Though eEye’s patch does protect PCs against attacks that take advantage of the flaw, the company recommends installing the fix only as a last resort. “Organizations should only install this patch if they are not able to disable Active Scripting as a means of mitigation,” Manzuik said. Disabling Active Scripting is Microsoft’s suggested work-around.

“This patch is not meant to replace the forthcoming Microsoft patch, rather it is intended as a temporary protection against this flaw,” Manzuik said.

Read more: CNET