(LiveHacking.Com) – Microsoft has updated Security Advisory 2749920 to include new information about the official Fix It that the company said it would release. The Fix It, which is a temporary measure issued by Redmond until a full patch can be delivered, is a response to the zero-day vulnerability found in Internet Explorer 6,7 and 8.
The Fix It uses a shim to change a few bytes of data in a .dll and so prevent the vulnerability from being used for code execution. If triggered the browser will now just crash. Applying the Fix it does not require a reboot.
“While we have still observed only a few attempts to exploit this issue, we encourage all customers to apply this Fix it to help protect their systems,” said Dustin Childs from Microsoft’s Trustworthy Computing unit.
[...] Microsoft’s Fix It for the current zero-day vulnerability in Internet Explorer 8. The official Fix It was released by Microsoft as a temporary workaround to the zero-day vulnerability found in Internet Explorer 6,7 and [...]