Emergency IE 6 Patch released by Microsoft

The Aurora code which was used used to carry out attacks against IE6 recently can not be executed in newer version of IE, IE8. Because IE8 by default is enabled with DEP- Data Execution Prevention. This is a crucial anti-exploit mitigation, is enabled by default on IE8 only.

For the time being, till when a new patch comes for the above exploit, Microsoft's Security Research & Defense team has created and released a one-click "Fix It" tool to allow users to enable DEP (Data Execution Prevention) on older versions of the browser.
DEP is enabled by default for Internet Explorer on the following platforms:

· Internet Explorer 8 on Windows XP Service Pack 3,

· Internet Explorer 8 on Windows Vista Service Pack 1 and later,

· Internet Explorer 8 on Windows Server 2008, and

· Internet Explorer 8 on Windows 7.

So for fixing the vulnerability run in nolder version of IE (IE6,IE7) run the DEP tool.

More details about the DEP and the tool can be found here:



Popular posts from this blog

SQL Injection in search field

File Upload through Null Byte Injection