Microsoft Internet Explorer Vulnerabilities

Source: US-CERT

Systems Affected

* Microsoft Internet Explorer

Overview

Microsoft has released out-of-band updates to address critical
vulnerabilities in Internet Explorer.

I. Description

Microsoft has released updates for multiple vulnerabilities in
Internet Explorer, including the vulnerability detailed in
Microsoft Security Advisory (981374) and US-CERT Vulnerability Note
VU#744549.

II. Impact

By convincing a user to view a specially crafted HTML document or
Microsoft Office document, an attacker may be able to execute
arbitrary code with the privileges of the user.

III. Solution

Apply updates

Microsoft has released updates to address these vulnerabilities.
Please see Microsoft Security Bulletin MS10-018 for more
information.

Apply workarounds

Microsoft has provided workarounds for some of the vulnerabilities
in MS10-018.

IV. References

* Microsoft Security Bulletin MS10-018 -
<http://www.microsoft.com/technet/security/bulletin/ms10-018.mspx>

* Microsoft Security Advisory (981374) -
<http://www.microsoft.com/technet/security/advisory/981374.mspx>

* Microsoft Internet Explorer iepeers.dll use-after-free
vulnerability -
<http://www.kb.cert.org/vuls/id/744549>

Leave a Reply

You must be logged in to post a comment.