Microsoft Releases Fix it Solution to Patch Internet Explorer 0-Day Vulnerability
Few days ago, a zero-day vulnerability was reported in Microsoft’s Internet Explorer that could allow Remote Code Execution. As a working patch was not available and also since this vulnerability only affected Internet Explorer 6 and Internet Explorer 7; Microsoft advised users to update their web browser to the latest official version of Internet Explorer, i.e, version 8, which would protect their computer system from the security vulnerability. Internet Explorer 8 was reported to be unaffected by this vulnerability.
For users who couldn’t update to the latest version of Internet Explorer for various reasons, Microsoft now has released two Fix It solutions to patch the vulnerability. In short, Microsoft’s Fix it automated solutions work to automate solutions to common software problems in an easy, intuitive way that is available when and where you need it. Fix it provides a way to apply automated fixes, workarounds, or configuration changes so you don’t have to do a long list of manual steps yourself.
Two Fix it solutions are available:
- Fix it solution for peer factory in iepeers.dll – We have created an application compatibility database that will disable peer factory in the iepeers.dll binary for supported versions of Internet Explorer on Windows XP and Windows Server 2003.
To install this application compatibility database, click the Fix it button in the “Fix it solution for peer factory in iepeers.dll” section.
- Fix it solution for Data Execution Prevention – We have created an application compatibility database that will enable Data Execution Prevention (DEP) for all versions of Internet Explorer that support DEP. You do not need this database if you are using Internet Explorer 8 on Windows XP Service Pack 3 (SP3) or on Windows Vista SP1 or later versions. This is because Internet Explorer 8 opts-in to DEP by default on these platforms.
To install this application compatibility database, click the Fix it button in the “Fix it solution for Data Execution Prevention” section.
For the second Fix it workaround to be effective, the processor must support Hardware-enforced DEP and do not apply to Windows 2000-based operating systems because Windows 2000 does not support DEP.
You can download or execute directly both the Fix It solutions form the Microsoft Knowledge base article link below: