Microsoft finally patches IE Trojan vulnerability
Microsoft has released a work-around for an Internet Explorer vulnerability that has left Windows users open to attacks for almost nine months.
The flaw, in an ActiveX scripting component, gained notoriety last month when it became the mechanism used by a network of compromised websites to install a malicious program on victims' computers. Microsoft has decided to plug the hole by turning off the ability for the ActiveX component to write to the operating system.
The software giant published the work-around on its website and directed customers to use its Windows update service to download the patch.
By Robert Lemos at vnunet.
[ Read more ]