Help Net Security – Microsoft has released the Fix it solution for the IE zero-day memory-corruption vulnerability that is currently being exploited in attacks, and has promised a security update for IE to solve the problem.
“While the vast majority of people are not impacted by this issue, today Microsoft provided a temporary fix that can be downloaded with one easy click and offers immediate protection. We will also provide a permanent solution for customers that will be automatically enabled on Friday, Sept. 21, 2012,” stated Yunsun Wee, director, Trustworthy Computing Group.
This update (MS12-063) will be a cumulative update for Internet Explorer addressing Security Advisory 2757760 as well as four other critical-class remote code execution issues. The will be rated critical and will require a restart.
Users who haven’t enabled automatic updating on their PCs are urged to update the browser themselves as soon as the update is out.
In the meantime, users can pick up the Fix it tool here.