Microsoft Ships IE Flaw Workaround

Though a true patch will still be shipped in the future, Microsoft this week shipped an installable workaround for a recently revealed Internet Explorer (IE) security flaw that its discoverer described as "extremely critical." The workaround

Paul Thurrott

July 6, 2005

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Though a true patch will still be shipped in the future, Microsoft this week shipped an installable workaround for a recently revealed Internet Explorer (IE) security flaw that its discoverer described as "extremely critical." The workaround essentially modifies Windows registry settings, an action Microsoft previously described in a security bulletin. But because many Windows users aren't sophisticated enough to make this change manually, the company has shipped a software-based workaround that does it for them.


The IE flaw affects the Microsoft Java Virtual Machine (JVM) and could be exploited to crash the browser or allow remote code to run on the exploited machine. It affects a wide range of IE versions running on many different Windows versions.

Microsoft says that the software workaround will be propagated to Windows Update/Microsoft Update and Automatic Updates as soon as possible. It will eventually be superseded by a true security patch that fixes the problem. The workaround simply disables part of the Microsoft JVM.

Read more about:

Microsoft

About the Author

Paul Thurrott

Paul Thurrott is senior technical analyst for Windows IT Pro. He writes the SuperSite for Windows, a weekly editorial for Windows IT Pro UPDATE, and a daily Windows news and information newsletter called WinInfo Daily UPDATE.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like