IE Vulnerability: Microsoft one-click Fix It

Microsoft's Internet Explorer got a handful of critical exploitations earlier in the week. The zero-day vulnerabilities affects IE9 and older versions of the browser, the exploit allows remote code execution which could enable an attacker take control of a compromised system.

The exploit takes advantage of a "use-after-free" vulnerability, a vulnerability affecting mshtml.dll component of Internet Explorer.

The company has now provided a one-click work-around to the vulnerabilities, termed "Fix it for me", which affords an automatic fix to the vulnerabilities without requiring rebooting. The one-click automatic system does not affect browser sections while being implemented.

The "fix it" tool works by protecting the system from memory corruption, which security researchers have identified as the major entry mechanism for the exploits.

Microsoft has also scheduled an out-of-cycle security update to permanently fix the glitches for Friday. And users will be able to get the security patch through the Windows Update, while it will be automatic for those who have enabled automatic update.
Next Post »