Workarounds Available for Zero-Day Vulnerability

News of the vulnerability spread last week when Maurycy Prodeus of iSec Security Research posted information about the vulnerability on the Web. According to Microsoft's advisory, the vulnerability is due to the way VBScript interacts with Windows Help files when using Internet Explorer.

To address the issue, Microsoft made a number of suggestions, including restricting access to the Windows Help system. The company warned however that if the Windows Help System is rendered unavailable, users may not be able to leverage the help function in applications. The company also suggested user change the local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting, and avoid pressing the F1 key if they are prompted to by a Web site.

Microsoft served up a handful of workarounds to plug a security hole caused by an unpatched zero-day on March 1st.

View Article



Comments

  • There are no comments yet. Be the first to comment!

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Bonita BPM 7 is here! And for you, an in-depth tour of its innovation. In this webinar, we'll guide you through the brand-new features of this release and demonstrate them live. You will: Discover how business application implementation and maintenance is now even easier, with decoupling of process logic, business data and user interface Learn how to create "living applications" for business processes which present business data in custom views We recommend that you watch the half-hour recording of our …

  • Following an IT incident through to resolution is more than just acknowledging an alert and restarting a server. The recent State of On-Call Report found that it takes most companies an average of 10-30 minutes to resolve an incident with an average of 5 people involved. Imagine how much money and time companies are spending to deal with incident resolution. But what if you had a tool that offered solutions baked in? Or a tool that sent alerts to the right person or team every time? These are the kind of …

Most Popular Programming Stories

More for Developers

RSS Feeds

Thanks for your registration, follow us on our social networks to keep up-to-date