The patch, which addresses the recent IE exploit that can compromise fully patched Microsoft machines, is being offered by a new group known as ZERT (the Zeroday Emergency Response Team). ZERT is comprised of volunteers and includes some well-known members of the security community with strong reverse-engineering skills. One of the team members is Ilfak Guilfanov, who wrote the unofficial WMF patch in late December 2005.
ZERT's patch is unofficial and not a substitute for any forthcoming patch from Microsoft, but offers immediate protection to vulnerable systems that are not likely to receive a patch from Microsoft for several weeks. Earlier this week, Microsoft confirmed that a new exploit, capable of compromising fully patched Windows systems, has been seen in the wild.
Microsoft normally offers security patches only on a slow, monthly patch cycle - which malicious hackers are using to their full advantage by releasing their exploits on or around the software giant's "patch Tuesday." Microsoft rarely offers patches outside of this monthly cycle, giving hackers free reign for at least a month as they attempt to exploit many of the hundreds of millions of unpatched Windows machines on the Internet.
Posted by: Kelly Martin