My next class:

FixIt Available for Internet Explorer Vulnerability

Published: 2013-01-01. Last Updated: 2013-01-01 12:47:12 UTC
by Johannes Ullrich (Version: 1)
3 comment(s)

Microsoft made a "Fix It" available for the currently unpatched vulnerability in Internet Explorer 6,7,8. Fix It's are not a patch, but an easy method to apply workaround configuration changes. At this point, it is highly recommended to apply the Fix it if you can't upgrade to Internet Explorer 9 or 10 or if you havne't already applied one of the workarounds. The Fix It will not conflict with the final patch.

http://blogs.technet.com/b/srd/archive/2012/12/31/microsoft-quot-fix-it-quot-available-for-internet-explorer-6-7-and-8.aspx

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

3 comment(s)
My next class:

Comments

Also take notice that it indicates you should plan to remove the 'fix it' once the final patch is applied.

That got me thinking about what other ones I still have applied that I need to remove. Anyone know how to easily determine what other fix its are applied to a given system? I have done some searching for this but so far no answers.
If Microsoft is going to wind down their security patches for their OS's that use IE 8 and older (Windows XP), there may not be a final patch for this.
IE 8 follows the lifecycle of Windows 7 so it will receive updates, at least for that OS, through the lifecycle of Windows 7. I would expect support for IE 8 on XP to last until XP is no longer supported in 2014 as well.

Diary Archives