Internet Explorer flaw patched by Prevx
16th Dec 2008 | 16:45
British company believes it has an interim answer
British security software company Prevx has announced that it has released a fix for the Internet Explorer flaw which they suggest can be used until Microsoft releases an official patch.
The small utility allows users to disable the affected component of Internet Explorer and apparently keep you safe from that specific exploit.
"Just avoiding using IE will not protect user's computers as malicious code targets users through a number of other means also," said Prevx's head of research Jacques Erasmus.
"Because of the increasing underground market for bank details and other personal information criminals are now designing malicious software which is designed to disable or sneak past anti-virus and remain hidden on a user's computer.
"Prevx has addressed the weaknesses exploited by this approach, providing consumers with next-level protection."
The flaw – which The Press Association has suggested has led to 2 million infected machines across the world was identified six days ago but has yet to be patched.
"What we have seen in terms of infection is this is 0.2% of Internet Explorer users, said Microsoft UK's John Curran.
"Obviously when you are talking about a customer base of over one billion people, any amount of vulnerability is too much and any type of infection is going to see a large number of people affected by it."
Prevx's fix can be found at http://www.prevx.com/ie7.asp and the company is also advising that users ensure that they are automatically receiving Microsoft's security updates so that they receive the official fix when it arrives.