Gladiator Research and Security - » Vulnerability in Internet Explorer Could Allow Remote Code Execution (CVE-2010-3962)

Links

Other Posts: November Microsoft Patch Tuesday; Multiple Adobe Product Vulnerabilities

Vulnerability in Internet Explorer Could Allow Remote Code Execution (CVE-2010-3962)

Posted on November 5th, 2010 by Benjamin Harbin

Microsoft has released information about a new vulnerability that could potentially affect many Internet Explorer users. This vulnerability could potentially allow remote code execution if the victim visits certain malicious websites. Microsoft is aware of the vulnerability and working to quickly release patches. Currently, all production versions of Internet Explorer are affected and this includes versions 6, 7, and 8. The Internet Explorer 9 beta is not vulnerable to this vulnerability. To mitigate the vulnerability, users are advised to upgrade to Internet Explorer 8 and enable Data Execution Prevention (DEP). Disabling scripting or ActiveX controls will also prevent the malicious scripts from running.

Reference Links:

Microsoft Security Response Center (http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx)
Microsoft Security Advisory (http://www.microsoft.com/technet/security/advisory/2458511.mspx)

Reader Comments

Sorry, comments are closed.