Threat Level: green Handler on Duty: Manuel Humberto Santander Pelaez

SANS ISC: FixIt Available for Internet Explorer Vulnerability SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
FixIt Available for Internet Explorer Vulnerability

Microsoft made a "Fix It" available for the currently unpatched vulnerability in Internet Explorer 6,7,8. Fix It's are not a patch, but an easy method to apply workaround configuration changes. At this point, it is highly recommended to apply the Fix it if you can't upgrade to Internet Explorer 9 or 10 or if you havne't already applied one of the workarounds. The Fix It will not conflict with the final patch.

http://blogs.technet.com/b/srd/archive/2012/12/31/microsoft-quot-fix-it-quot-available-for-internet-explorer-6-7-and-8.aspx

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco Winter 2019

Johannes

3678 Posts
ISC Handler
Also take notice that it indicates you should plan to remove the 'fix it' once the final patch is applied.

That got me thinking about what other ones I still have applied that I need to remove. Anyone know how to easily determine what other fix its are applied to a given system? I have done some searching for this but so far no answers.
FTWMike

24 Posts
If Microsoft is going to wind down their security patches for their OS's that use IE 8 and older (Windows XP), there may not be a final patch for this.
AndrewB

24 Posts
IE 8 follows the lifecycle of Windows 7 so it will receive updates, at least for that OS, through the lifecycle of Windows 7. I would expect support for IE 8 on XP to last until XP is no longer supported in 2014 as well.
AndrewB
2 Posts

Sign Up for Free or Log In to start participating in the conversation!