Unofficial patches available for IE6 exploit

A buffer overflow [CVE-2006-3730] in an ActiveX control for Internet Explorer 6 for Microsoft Windows XP with SP2 installed can crash the web browser and allow remote code execution.

A test is available to see if your web browser is susceptible to the vulnerability.
If your web browser is vulnerable it WILL crash when the test is performed.
Click here to test your web browser.

Microsoft is working on a patch, currently scheduled for an October 10 release, as part of its regular Patch Tuesday update cycle. "We are aware of Web sites attempting to use the reported vulnerability to install malware. Our investigation into these Web sites shows that, in most cases, attempts to install malicious software by exploiting this vulnerability fail. This is due to specific technical factors related to the vulnerability."

Read the Microsoft Security Advisory (926043) HERE.

A patch is available from Determina.
Click here to visit Determina's web site for more information.

ZERT has updated ZProtector to protect against this vulnerability.
Click here to download ZProtector. zip file.