Patches released for zero-day IE threat
March 30, 2006
Robert Lemos, SecurityFocus 2006-03-28
The third-party patches are the latest fixes to be released by companies other than Microsoft, when the software giant's response is perceived to leave customers at risk. In January, an independent software programmer released a patch for a critical flaw in the Windows Meta File (WMF) format that also affected users of Internet Explorer. The companies, and the researcher that released the WMF patch, do not refer to the fixes as permanent solutions but temporary workarounds.
Microsoft did not recommend that Windows users install the patches, said Stephen Toulouse, security program manager for Microsoft.
"While the IE team is working on an update to address the problem, we certainly recommend a defense- in-depth strategy that involves third party tools such as antivirus or IDS/IPS (intrusions detection/prevention system) solutions," Toulouse said in a blog posting. "However we cannot recommend third party solutions that modify the way the product itself operates."
Source: http://www.securityfocus.com/
The third-party patches are the latest fixes to be released by companies other than Microsoft, when the software giant's response is perceived to leave customers at risk. In January, an independent software programmer released a patch for a critical flaw in the Windows Meta File (WMF) format that also affected users of Internet Explorer. The companies, and the researcher that released the WMF patch, do not refer to the fixes as permanent solutions but temporary workarounds.
Microsoft did not recommend that Windows users install the patches, said Stephen Toulouse, security program manager for Microsoft.
"While the IE team is working on an update to address the problem, we certainly recommend a defense- in-depth strategy that involves third party tools such as antivirus or IDS/IPS (intrusions detection/prevention system) solutions," Toulouse said in a blog posting. "However we cannot recommend third party solutions that modify the way the product itself operates."
Source: http://www.securityfocus.com/