Microsoft finally patches IE Trojan vulnerability
Microsoft has released a work-around for an Internet Explorer vulnerability that has left Windows users open to attacks for almost nine months.
The flaw, in an ActiveX scripting component, gained notoriety last month when it became the mechanism used by a network of compromised websites to install a malicious program on victims' computers. Microsoft has decided to plug the hole by turning off the ability for the ActiveX component to write to the operating system.
The software giant published the work-around on its website and directed customers to use its Windows update service to download the patch.
By Robert Lemos at vnunet.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.