Microsoft has published an advisory in which they state that they are investigating public reports of a vulnerability affecting Internet Explorer web browser versions 6 and 7. Microsoft states that Internet Explorer 8 version is not affected.
The vulnerability is caused by an invalid pointer reference being used within Internet Explorer. Under specific conditions it is possible to access invalid pointer after an object is deleted. By exploiting this vulnerability in specific way, Internet Explorer can be used to allow remote code execution.
People in Microsoft are aware of targeted attacks attempting to use the vulnerability. They state that they will continue to monitor the situation and take appropriate action to protect the customers.
The advisory can be found here.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment