For the second time in as many weeks a group of security professionals has released a third-party fix for a Windows flaw that is actively being used in cyberattacks.
The group, calling itself the Zeroday Emergency Response Team, or ZERT, created the patch so Windows users can protect their PCs while Microsoft works on an official update. People have a choice of third-party fixes. Security company Determina on Friday released a patch it authored for the same flaw.
The flaw affects Windows 2000, Windows XP and Windows Server 2003, and could be exploited via the Internet Explorer Web browser through a component called WebViewFolderIcon, Microsoft said in a security advisory issued Thursday. Windows Shell is the part of the operating system that presents the user interface.