eEye issues workaround against unpatched IE flaw

Security firm eEye Digital Security has released a temporary fix to protect Windows users against an unpatched vulnerability in Internet Explorer.

The critical vulnerability, which involves the way IE handles HTML Objects, affects even fully patched Windows XP systems. Exploits allow hackers to commandeer vulnerable machines by tricking surfers into visiting websites containing malicious code.

Users are advised to disable Active Scripting from within Internet Explorer as a workaround pending the arrival of a patch from Microsoft, expected on Tuesday, 11 April. Disabling Active Scripting might prove problematic in some environments, however, so eEye has stepped in to fill the breach with a temporary workaround.

Continue at source

News Source: Channel Register