Microsoft has released quick fix for a zero-day vulnerability in older versions of its Internet Explorer web browser that is actively being exploited by hackers.
The security flaw affects the IE 6, Internet Explorer 7 and Internet Explorer 8. Versions 9 and 10 are not affected by this vulnerability.
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.
The company said that the "Fix it solution" is not intended to be a replacement for any security update.
"We recommend that you always install the latest security updates. However, we offer this Fix it solution as a workaround option for some scenarios."
Quick fix the vulnerability is available here: