Tuesday, June 22, 2021

One-click workaround for IE vulnerability till fix available

Microsoft has issued a one-click temporary fix for an Internet Explorer vulnerability that prompted the German government to urge its citizens to use other browsers until the hole is patched.
 

 

 
The vulnerability affects IE 6 through 9. It’s a memory corruption vulnerabilty that can allow the installation of a remote access trojan, which could allow a variety of nefarious activity on affected computers, including program installation, configuration changes, keystroke logging, file deletion, etc.

This is normally an opportunity to preach the virtues of keeping your browser up-to-date (you’re running IE 6 still? Really?), but this vulnerability affects every version up to the latest.

 
RELATED CONTENT
 
I do like the one-click “Fix It Now” approach to the temporary solution. Casual users would be much more likely to keep patches up to date given this approach rather than the Patch Tuesday regimen. It could be a pain for IT management, though, if they have (wisely) denied most users install privileges.

And, of course, with frequent enough appearances, it could become another vector of exposure, as attackers find ways to spoof the fix-it-now button.

The permanent fix for the flaw is to be delivered on Friday, Microsoft says.

 

Would you recommend this article?

0
0

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Dave Webb
Dave Webb
Dave Webb is a freelance editor and writer. A veteran journalist of more than 20 years' experience (15 of them in technology), he has held senior editorial positions with a number of technology publications. He was honoured with an Andersen Consulting Award for Excellence in Business Journalism in 2000, and several Canadian Online Publishing Awards as part of the ComputerWorld Canada team.

Related Tech News