Simple workarounds for latest IE security vulnerability

Microsoft has published two "Fix it" tools for the critical security vulnerability in Internet Explorer. To tide them over until a patch is released, users can now block the currently circulating exploit from working on their systems in just a few clicks.

The first fix-it tool, for IE6 and IE7 under Windows XP and Server 2003, can be used to deactivate the peer classes in the iepeers.dll library. This definitively plugs the vulnerability, but can have unintended side-effects in Windows networks. This particular fix-it tool does not work under Vista or Server 2008 – users wishing to activate the workaround under these Windows versions need to follow the instructions given in Microsoft's advisory.

The second fix-it tool activates data execution prevention (DEP) in IE6 and IE7 on systems which support it. This has been the case since Windows XP SP2 and Windows Server 2003 SP1, where this feature is supported by the CPU. AMD calls this NX (No Execute), Intel calls it XD (Execute Disable). DEP is globally activated by default in the 64-bit versions of Vista and Windows 7 and IE8 activates DEP automatically on all systems which support it.

Use of DEP is to be recommended on principle, as it thwarts many common exploit techniques and causes problems only with a handful of add-ons. DEP does not, however, represent complete protection. Security experts have already demonstrated that it can be bypassed even for older IE exploits. It is therefore probable that an exploit adapted for DEP will be doing the rounds soon.

Should the Fix it tools cause problems, they can also be deactivated with a single click.

See also:

• Vulnerability in Internet Explorer could allow remote code execution, security advisory from Microsoft.

(crve)