IE exploit unofficial patches



While we wait for Microsoft to release a patch for the MOST recent Internet Explorer vulnerability….. it looks as though MS is “planning” to release a patch on their routine patch day of April 11th. (However they could always change their mind…) As before though there are some 3rd party patches. I’ve got to say I’m slightly uncomfortable with the prospect of a third party patch when there are workarounds (use another browser, disable active scripting….) However, for some those aren’t enough options. I know of two unofficial patches.


Three if you count firefox… ;-)

Anyway, eEye Digital Security is the maker of one, which will remove itself when Microsoft’s fix is installed. Determina also has a “standalone fix”.

With regards to third party patches. Be very cautious. I have not tested either of these. My feeling is they would pose no great risk given the sources. (I’d be more likely to trust the eEye patch from their reputation – nothing against Determina, I just don’t recall having heard of them.) I WOULD test these thoroughly on a sacrificable/sandboxed system before daring to push out use to any other systems. AND most importantly I’d question if it’s really worth the risk of trying a third party patch when there are other options. (I know disabling active scripting can have frustrating consequences.)

That much said, I also know it’s nice to have options.

Related Posts

Blog Traffic Exchange Related Posts
  • WMF exploit situation summary... Since there's been quite a bit of flux the last couple of days I thought I'd try to "reset" the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit. 1st there is a vulnerability in the way Windows renders WMF......
  • WMF unofficial patch updated There's been an update to the unofficial patch for the WMF (Windows MetaFile) vulnerability. The main change appears to be some options to allow for quiet installation (unattended) to help administrators in large environments try to roll the patch out in automated login scripts/etc. It can be found here or......
  • Microsoft Update day for September.... AND Flash... AND Apple Yesterday, of course, Microsoft released it's monthly patches. I found the Windows update site to be painfully slow (and in some cases unresponsive.) It wasn't quite a huge update day by recent standards, but here's the summary.... Incidents.org has a nice chart showing the two re-released patches (one is actually......
Blog Traffic Exchange Related Websites
  • Linux and the Fight for Freedom This is a guest post! If you want to write for us, check out the Guest Post section. Linux users are the freedom fighters of computing. They love their independence, and they’re not going to give that up for anything. Like their counterparts, though, they also need a little structure.......
  • Solar Screens Solar Screens are the perfect window treatment for your living rooms, family rooms, media rooms, or any form of entertainment room. Also known as solar shades, solar screens offer the ultimate in technology for light control while still providing great, stylish looks. In terms of operation, solar screens are very......
  • Conflicker - I mean, seriously If you don't already know, conflicker is a worm that exploits a buffer overflow in the windows server service.  The worm is wiley - there are several hundred variants and it is difficult to know how widespread it is.  You can find more info on the Wiki or on the......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site