George Kurtz, McAfee: Stay Tuned For Emergency IE Patch
January 2010 by Marc Jacob
There’s good news and bad news today about a fix for the serious Internet Explorer vulnerability that was exploited to attack Google and several other companies in what McAfee calls Operation Aurora.
Good news: Microsoft said it is readying an emergency patch for Internet Explorer and will share timing of the release on Wednesday.
Bad news: McAfee Labs has seen at least one unofficial patch for the Internet Explorer vulnerability created by a third party.
Patching is of course a good idea, don’t just apply any patch. These unofficial patches may seem like a good idea as they appear to provide immediate protection, but applying a patch from an unknown source for software that was created by someone else just isn’t a good idea. It can create all kinds of compatibility and performance issues and may be a security risk of its own.
Microsoft is working hard on the fix for the vulnerability, this is what they wrote on their blog today: “Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment Microsoft will release a security update out-of-band for this vulnerability.”
Also, on Tuesday McAfee Labs released a tool that detects and repairs any threat related to Operation Aurora we are aware of. This is a free tool and there seems to be great demand for it. The tool is a new version of our “Stinger” virus removal application. The Aurora Stinger has been designed to specifically detect and repair all known variants of Aurora and associated threats.
The Aurora Stinger also includes a link to the cloud-based McAfee Global Threat Intelligence, which means that it will also pick up on newly discovered variants in real time without requiring an update to the signature files that come with the tool.