Microsoft releases patch for Internet Explorer vulnerability, download the fix now to stay safe

You know that Internet Explorer vulnerability affecting Internet Explorer 7/8/9 on Windows XP/Vista/Win7 dotTech recently posted about? Yeah, well, it looks like Microsoft is on the ball with this one; they have just issued an easy-to-apply ‘Fix it’ to patch the vulnerability. According to Microsoft, “applying the Fix it solution, ‘Prevent Memory Corruption via ExecCommand in Internet Explorer,’ prevents the exploitation of [the] issue.” Anyone with Internet Explorer 6/7/8/9 on their computer is highly recommended to apply the fix — it takes literally less than 30 seconds and doesn’t even require you to reboot your computer.

At the end of this article you will find the relevant links you need to use the Fix it. To apply the Fix it, simply click on the “Enable Fix it (direct download)” link you see below to download the fix. Once the download is finished, run the EXE file, accept “Software License Terms”, then wait while the Fix it does its thing (a system restore point will be created before the fix it applied; if you are on Windows Vista or higher, you will be prompted by UAC). You know the Fix it has been successfully applied when you get the following message:

Overall it should take you less than 30 seconds from start to finish. If it takes longer then something is probably wrong.

You can grab the Fix it from the links below.

Enable Fix it (direct download) | Disable Fix it (direct download)

Fix it homepage | Microsoft security bulletin

[via TheNextWeb]

Related Posts

  • internetexplorer

    It takes my fast AMD multi-cores longer than 30 seconds just to create a system restore point, and I don’t think that’s unusual, so I would not be surprised if noobies reading your article think something must be wrong with their system. They might not know that you are exaggerating. Just a heads up in case you start getting lots of such comments.

  • hobufu

    has anyone read this user agreement?
    I thought it was funny. HAHAHA!
    Because this software is “as is,” we may not provide support services for it.
    You may not
    work around any technical limitations in the software;
    reverse engineer, decompile or disassemble the software, except and only to the extent that applicable law expressly permits

    I’m wondering how long until IE is hacked again.

    The software is licensed “as-is.” You bear the risk of using it. Microsoft gives no express warranties, guarantees or conditions.

    Using IE is a risk in itself.

    You can recover from Microsoft and its suppliers only direct damages up to U.S. $5.00. You cannot recover any other damages, including consequential, lost profits, special, indirect or incidental damages.This limitation applies to
    anything related to the software, services, content (including code) on third party Internet sites, or third party programs
    It also applies even if Microsoft knew or should have known about the possibility of the damages.

    anyone want to sue Microsoft now?

  • Mike

    Many thanks for the alert and the easy fix. All too many hack issues nowadays–there really needs to be a better way . . . .

  • DoktorThomas

    Gracias, pero todavía no usaré IE.

  • Mardel53

    Same here and I could not locate a fix for 64 bit operation system.

  • r0lZ

    According to the M$ site: “For computers that are running 64-bit operating systems, the following Fix it solution only applies to 32-bit versions of Internet Explorer.”

    Indeed, if I run the patch, it produces an “unknown error”.

    Is it a similar fix for Win7 x64? I haven’t found it.

  • Bas


    This is just a temporary fix, the real fix will come tomorrow, and that will be released on Windows Update.

  • Unicorn02

    This is not actually a patch as we know, as no files are being updated. I used sysinternals procmon to see what is happening under the hood. It modifies the AppCompatibility flags in the registry for IE. This means the Fixit performs the same hardening like using EMET 3.0 to fix the issue. But this “fix it” is easier for “normal” users to apply. In companies however a rollout of EMET with settings by group policy is the best way.

  • Stephen

    So why haven’t they released it via Microsoft Update? Is there anything we can deduce from this?

  • BarrysCool


  • Mr.Dave

    Thanks from me too!
    I would thank Microsoft as well, but they’ve never listened to me in the past, doubt they would start now :-)

  • Frank D

    Thank you, Ashraf, for the heads-up.