Computing News | Second unofficial fix plugs IE hole

Latest News | News Archive |

Posted by: Tweaker
Date added: 23:20 Wednesday, 29th March 2006 GMT
Source: ZDNet News

Another company has released a third-party patch for a serious flaw in Internet Explorer, as experts warn users to be cautious with non-Microsoft fixes.

Determina, which makes intrusion-prevention products, made an unofficial fix for the Microsoft Web browser available on Monday. The release came shortly after eEye Digital Security issued its own temporary patch.

Both fixes are meant to protect Windows PCs against cyberattacks that exploit a recently disclosed IE vulnerability Microsoft has yet to provide an update for. The software maker has not endorsed either fix, saying that as a rule it doesn't recommend installing outside patches.

This is the second time this year that somebody has beaten Microsoft to the punch with a security fix. Last time, security experts supported a patch issued by a European researcher. This time, they are not recommending people apply the unofficial fixes.

Instead, people should follow Microsoft's advice and disable the Active Scripting feature in IE, or simply use a different Web browser, experts said.

"At this point, we do not recommend applying these temporary patches," said Johannes Ullrich, the chief research officer at the SANS Institute. Only those people who need to use Active Scripting in IE should consider adopting an unofficial solution, he said.

  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!    Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

[  To top | Latest News | News Archive | ]