Microsoft puts an end to the exploit in IE 8, 7 and 6 with Security Update 2799329

IE black and white logo large

Microsoft is today putting an end to the vulnerability found in old versions of Internet Explorer (6-8) that allowed an attacker to execute harmful code in a target computer, if the user was tricked by a specially crafted website.

Soon after the security hole was found, the software giant quickly made available a temporary workaround in a form of patch that they call “Fix it”. However, the security update released today should permanently close the door, for good, to this issue.

The company reports that only a small number of users have been affected by the exploit, but acknowledges that if could potentially affect more users in the future. Because of its future impact the update has been labeled as “Critical” and it will be installed automatically to all those users who have Automatic Update enabled. Microsoft also is advising users to upgrade to IE9 and 10 when possible to stay even more protected from this particular security hole. 

Note that if you previously installed the “Fix it”, you don’t need to uninstall it before applying the new update, but you may want to uninstall the patch after, as it could slowdown IE start-up time.

If you prefer to manually install the Security Update (2799329), you can download it here.

Source Microsoft Security Response Center