IE exploit unofficial patches



While we wait for Microsoft to release a patch for the MOST recent Internet Explorer vulnerability….. it looks as though MS is “planning” to release a patch on their routine patch day of April 11th. (However they could always change their mind…) As before though there are some 3rd party patches. I’ve got to say I’m slightly uncomfortable with the prospect of a third party patch when there are workarounds (use another browser, disable active scripting….) However, for some those aren’t enough options. I know of two unofficial patches.


Three if you count firefox… 😉

Anyway, eEye Digital Security is the maker of one, which will remove itself when Microsoft’s fix is installed. Determina also has a “standalone fix”.

With regards to third party patches. Be very cautious. I have not tested either of these. My feeling is they would pose no great risk given the sources. (I’d be more likely to trust the eEye patch from their reputation – nothing against Determina, I just don’t recall having heard of them.) I WOULD test these thoroughly on a sacrificable/sandboxed system before daring to push out use to any other systems. AND most importantly I’d question if it’s really worth the risk of trying a third party patch when there are other options. (I know disabling active scripting can have frustrating consequences.)

That much said, I also know it’s nice to have options.

   Send article as PDF   

Similar Posts