/>
X
Innovation

Zero-day exploit for IE6 flaw released!

This IE6 flaw looks serious enough that Microsoft should consider an out-of-cycle patch before the next monthly patch. Microsoft was forced to release an emergency patch for the WMF vulnerability in January.
Written by George Ou, Contributor on

A new critical flaw in Microsoft Internet Explorer 6.0 has been fully disclosed to the Internet along with proof-of-concept code.  Secunia released a detailed advisory here.  This latest flaw allows the execution of arbitrary code which means a Windows XP computer running Internet Explorer 6 can be completely compromised by visiting a malicious website.  IE6 users are advised to use the following workarounds until an official patch is released.

  • How to stop Active Scripting for home users.
  • How to stop Active Scripting company wide.

This is a temporary solution and may cause certain sites to not work. In order to make them work, you'll need to add those legitimate sites that needs to have Active Scripting working to the trusted zone in IE.  This is not a simple or desirable solution but it is the only solution that Microsoft gives you as a temporary workaround.  This IE6 vulnerability is serious enough that Microsoft should immediately create an out-of-cycle patch before the next monthly patch and spend less time lecturing about Apple's missteps.  Microsoft was forced to release an emergency patch for the WMF vulnerability in January.  Waiting for next months cycle for a zero-day critical flaw is unacceptable.

Editorial standards

Related

How much RAM does your Windows 11 PC need?
adobestock-339222220

How much RAM does your Windows 11 PC need?

What is ChatGPT and why does it matter? Here's what you need to know
chat bot

What is ChatGPT and why does it matter? Here's what you need to know

These are my 5 must-have devices for work travel now
ipad-mini-firewalla-purple-macbook-air

These are my 5 must-have devices for work travel now