New workaround for Internet Explorer vulnerability

Stephen Withers
Monday, 15 March 2010 08:01

Business IT - Security

Microsoft has released an automated tool to help protect against the Internet Explorer zero-day vulnerability revealed last week.

Last week, Microsoft warned of a zero-day vulnerability in Internet Explorer 6 and 7, and listed some measures that could be taken to mitigate the risk while the company worked on a fix.

According to Jerry Bryant, senior security communications manager lead at the Microsoft Security Response Center, we are working hard to produce an update which is now in testing."

"This is a critical and time intensive step of the process as the update must be tested against all affected versions of Internet Explorer on all supported versions of Windows," he added.

Meanwhile, Microsoft has released an automated 'Fix it' that installs an applicaton compatibility database to disable the peer factory in iepeers.dll, blocking an attack vector for the vulnerability.

Unfortunately, this mitigation does have some side effects and it may interfere with printing from Internet Explorer, the use of web folders, and other functions.

There's another relevant Fix it, so please read on.