Two weeks ago, Microsoft first warned its users that it was investigating public reports about a zero-day vulnerability in its Internet Explorer (IE) Web browser. It’s a vulnerability that still has not been patched in a full update and is now actively being exploited by attackers. –
Darien Kindlund, manager of threat intelligence for FireEye, told eWEEK that patching this issue is nontrivial.
“The exploit affects all major versions of IE; therefore, Microsoft may require additional time to construct a proper patch covering all of these versions,” he said.
Consumers have used the Fix It tool, and it seems to work for them, Kindlund noted.
“Enterprises have not adopted the tool for widespread use, largely because it is not as maintainable as a formal hotfix,” Kindlund said.
Read the full story at eWeek:
Microsoft IE Zero-Day Flaw Exposure Widens
Sean Michael Kerner is a senior editor at InternetNews.com. Follow him on Twitter @TechJournalist.