Microsoft releases fix for IE bug

Iran confirms that a trojan attack has been found on some of its computer systems Major zero-day bugs are rare

Related Stories

Microsoft has released a temporary software fix for a bug in its Internet Explorer web browser.

Cybercriminals used the flaw to install the Poison Ivy trojan on users' computers.

This piece of malware can steal data or take remote control of a PC.

Microsoft said in a blog the Fix It tool was "an easy, one-click solution that will help protect your computer right away" but "not intended to be a replacement for any security update".

Microsoft said there had been an "extremely limited number of attacks".

Before releasing the fix, the company had suggested workarounds such as disabling Active X controls and Active Scripting or downloading its Enhanced Mitigation Experience Toolkit.

Another suggestion had been to change the security-zone settings on the browser to "high" and run IE in a restricted mode.

So-called zero-day, or newly discovered, vulnerabilities are rare. According to security company Symantec, only eight such bugs were spotted in 2011.

Symantec research manager Liam O Murchu said their novelty made them dangerous.

"Any time you see a zero-day like this, it is concerning," he said. "There are no patches available. It is very difficult for people to protect themselves."

The flaw, present in all versions of Internet Explorer except IE 10, was spotted by Luxembourg-based security expert Eric Romang, when his PC was infected by Poison Ivy last week.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories



Try our new site and tell us what you think. Learn more
Take me there

Copyright © 2015 BBC. The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.