Microsoft has released a Fix It solution, that will allow users to automatically fix the security vulnerability found recently in Internet Explorer 8.
Microsoft Security Advisory 2847140 stated:
This is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
The Fix It 50991, is a portable, code-signed package that uses the Windows application compatibility toolkit to make a small change at runtime to mshtml.dll every time Internet Explorer 8 is loaded.
Microsoft’s EMET tool has been effective in blocking this specific exploit, but this was good enough only as a workaround. The Fix It will help patch the hole permanently. Microsoft recommends installing the Fix it solution until the comprehensive security update is available.
It is to be noted that only Internet Explorer 8 is vulnerable to this issue and Microsoft is currently seeing only limited attacks on IE8.
