Internet Explorer 8 and older versions are still vulnerable to a flaw that would allow an attacker to take control of an unpatched system, especially because Microsoft is working on an update to address the glitch.The company has already released a “Fix it” tool that configures the browsers in order to stay on the safe side, but a security firm managed to find a way to bypass this patch too.
And still, Qualys CTO Wolfgang Kandek says that users should install the fix anyway, especially because it addresses the flaws and provides some sort of protection.
“IT admins should track this vulnerability closely, as a large percentage of enterprises still run the affected versions of Internet Explorer 6, 7 and 8. And admins should apply the Fix-It even though it can be bypassed because it addresses the currently known attacks,” he said.
The full patch is expected to be released in the upcoming weeks, so we’ll keep you posted on this subject.