Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: FixIt Available for Internet Explorer Vulnerability SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
FixIt Available for Internet Explorer Vulnerability

Microsoft made a "Fix It" available for the currently unpatched vulnerability in Internet Explorer 6,7,8. Fix It's are not a patch, but an easy method to apply workaround configuration changes. At this point, it is highly recommended to apply the Fix it if you can't upgrade to Internet Explorer 9 or 10 or if you havne't already applied one of the workarounds. The Fix It will not conflict with the final patch.

Johannes B. Ullrich, Ph.D.
SANS Technology Institute

I will be teaching next: Defending Web Applications Security Essentials - SANS Cyber Defense Initiative 2021


4302 Posts
ISC Handler
Jan 1st 2013
Also take notice that it indicates you should plan to remove the 'fix it' once the final patch is applied.

That got me thinking about what other ones I still have applied that I need to remove. Anyone know how to easily determine what other fix its are applied to a given system? I have done some searching for this but so far no answers.

24 Posts
If Microsoft is going to wind down their security patches for their OS's that use IE 8 and older (Windows XP), there may not be a final patch for this.

24 Posts
IE 8 follows the lifecycle of Windows 7 so it will receive updates, at least for that OS, through the lifecycle of Windows 7. I would expect support for IE 8 on XP to last until XP is no longer supported in 2014 as well.
2 Posts

Sign Up for Free or Log In to start participating in the conversation!