Microsoft has released a workaround to a serious flaw in its Internet Explorer browser, but has not said when it will fully solve the problem.
First discovered nine months ago, the flaw is in the ActiveX scripting component of the browser. The vulnerability was recently used by malicious code called Download.Ject to download a Trojan onto PCs visiting certain web pages.
It is so serious that last week the US Computer Emergency Readiness Team advised companies to consider using other browsers for security reasons.
The workaround, issued on Friday evening, does not patch the flaw but "improves system resiliency to protect against the Download.Ject attack", according to Microsoft.
This configuration change blocks some ActiveX components from writing information onto the hard drive.
It is available from the Windows Update service for XP, Server 2003 and 2000 operating systems.
But the workaround does not apply to older operating systems, and users have not yet been given a date for an alternative.
The Microsoft statement continues: "In addition to this configuration change, which will protect customers against the immediate reported threats, Microsoft is working to provide a series of security updates to Internet Explorer in coming weeks that will provide additional protection for our customers."
The company claimed that XP Service Pack 2, due out "in the summer", will contain more security fixes. Service Pack 2 was originally scheduled for release last month.
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally