AfterDawn: Tech news
AfterDawn > News > Microsoft offers temporary fix for exploited IE bug

Microsoft offers temporary fix for exploited IE bug

Written by James Delahunty @ 11 Jan 2011 11:21 User comments (6)

Microsoft offers temporary fix for exploited IE bug Microsoft has offered a temporary "Fix It" workaround for a bug in Internet Explorer 6, 7 and 8 that is being exploited on some websites.
The vulnerability involves the way the browser handles cascading style sheets (CSS), triggered by recursive CSS pages where the style sheets include their own address. The flaw was confirmed by Microsoft in December, and it has updated its advisory to include a workaround due to reports of attacks that target the vulnerability.

The workaround comes in the form of a "Fix It" solution from Microsoft. To be effective, the browser needs to have all the existing security updates installed. The fix basically forces Internet Explorer to avoid importing a CSS style sheet if it has the same URL as the CSS style sheet from which it is being loaded.

Using the Fix It solution will cause a slight performance hit, adding about 150 milliseconds to the browser's start-up time, so it should be removed after Microsoft releases a proper security update for the flaw.

Tags: Microsoft Internet Explorer
<Google will remove support for H.264 from Chrome >ConnectU founders appeal $65 million settlement with Facebook
Previous Next  

6 user comments

112.1.2011 02:28
Zealousi
Send private message to this user
Member

Temp fix lol

last i saw there was a target on windows and i am sure there was a big enough hole in the bull's eye to fly a blimp through.

another security flaw is nothing new for windows, the day they fix their OS will be well never lol

212.1.2011 03:02
KillerBug
Send private message to this user
AfterDawn Addict

I have a permanent fix...it is called Firefox.

312.1.2011 04:02
Zealousi
Send private message to this user
Member

Originally posted by KillerBug:
 I have a permanent fix...it is called Firefox.
LOL

Remember to remove IE from system too, it is a security risk to have that pre installed program on any computer.

Microsoft is a lul

412.1.2011 23:45
KillerBug
Send private message to this user
AfterDawn Addict

Unfortunately, the guys over at FireFox are a bit too strict with security (too strict in the sense that you cannot turn off safeguards, even temporarily), so I still need IE for CMS...but I use FF for everything else.

513.1.2011 11:26
xaznboitx
Send private message to this user
Senior Member

Originally posted by KillerBug:
 Unfortunately, the guys over at FireFox are a bit too strict with security (too strict in the sense that you cannot turn off safeguards, even temporarily), so I still need IE for CMS...but I use FF for everything else.
too bad the popup blocker doesn't even block anything like ie does

613.1.2011 14:06
Mr-Movies
Send private message to this user
Senior Member

Originally posted by KillerBug:
 Unfortunately, the guys over at FireFox are a bit too strict with security (too strict in the sense that you cannot turn off safeguards, even temporarily), so I still need IE for CMS...but I use FF for everything else.
That is exactly right and is why FireFox is not a viable alternative for IE. I use FireFox but my main internet browser is AvantBrowser, better features and no blocked sites like in FF. OrcaBrowser is also a good alternative and is based on FireFox but is from the same provider as Avant, both are totally free!

I've had plenty of problems with IE's new ways and this band-aid fix is a joke. Your better off just waiting until they have what might seem to be a real fix.

Comments have been disabled for this article.

Latest news

VLC hits milestone: over 5 billion downloads VLC hits milestone: over 5 billion downloads (16 Mar 2024 4:31)
VLC Media Player, the versatile video-software powerhouse, has achieved a remarkable feat: it has been downloaded over 5 billion times.
2 user comments
Sideloading apps to Android gets easier, as Google settles its lawsuit Sideloading apps to Android gets easier, as Google settles its lawsuit (19 Dec 2023 11:09)
Google settled its lawsuit in September 2023, and one of the settlement terms was that the way applications are installed on Android from outside the Google Play Store must become simpler. In the future, installing APK files will be easier.
8 user comments
Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets (06 Jun 2023 9:19)
Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
Neato, the robot vacuum company, ends its operations Neato, the robot vacuum company, ends its operations (02 May 2023 3:38)
Neato Robotics has ceased its operations. American robot vacuum pioneer founded in 2005 has finally called it quits and company will cease its operations and sales. Only a skeleton crew will remain who will keep the servers running until 2028.
5 user comments
How to Send Messages to Yourself on WhatsApp How to Send Messages to Yourself on WhatsApp (20 Mar 2023 1:25)
The world's most popular messaging platform, Meta-owned WhatsApp has enabled sending messages to yourself. While at first, this might seem like an odd feature, it can be very useful in a lot of situations. ....
18 user comments

Reviews

Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets
Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
Review: Samsung Jet Bot 90 AI+ - a high-end robot vacuum cleaner Review: Samsung Jet Bot 90 AI+ - a high-end robot vacuum cleaner
Samsung's Jet Bot 90 AI+ is a top-class robot vacuum cleaner that can avoid obstacles and empty its own dust container. Here we review the product.
1 user comment
Samsung Jet Bot 80+ review - excellent robot vacuum cleaner Samsung Jet Bot 80+ review - excellent robot vacuum cleaner
We review Samsung's Jet Bot 80+ robot vacuum cleaner over a period of three months.
1 user comment

Guides

Windows 11: Check if TPM is enabled on your computer Windows 11: Check if TPM is enabled on your computer
In this short guide we will look at how you can check the status of Trusted Platform Module (TPM) on your PC ahead of the coming launch of Windows 11.
What IP rating for dust and water resistance means What IP rating for dust and water resistance means
An IP classification (such as IP68) is given to mobile phones, Bluetooth speakers, and other devices, but what do these classifications mean?
1 user comment
Guide: Is Your Wi-Fi Sluggish or Slow? Here's How to Fix Guide: Is Your Wi-Fi Sluggish or Slow? Here's How to Fix
Do you have problems with you Wi-Fi? Slow connection or is it cutting off constantly? This guide aims to remedy these problems.
1 user comment
HOWTO: Boot Android device into Safe Mode HOWTO: Boot Android device into Safe Mode
Are you having trouble with your Android device? If you find that your device has become sluggish, is freezing, takes too long to boot or any of a host of other performance concerns, you may want to boot into Safe Mode.
Guide: Phone battery drains quickly - how to fix (iPhone / Android) Guide: Phone battery drains quickly - how to fix (iPhone / Android)
In this guide, we go through the most typical reasons for rapid battery drain with phones, and look at potential reasons or solutions.

News archive

Sections:

Follow us:

© 1999-2024 AfterDawn Oy. All rights reserved
Back to Top ⇧
AfterDawn is powered by Powered by UpCloud