Microsoft is investigating public report of new vulnerability in supported versions of Internet Explorer. "The vulnerability exists due to an invalid flag reference within Internet Explorer. It is possible under certain conditions for the invalid flag reference to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution." Microsoft states that they are aware of targeted attacks trying to exploit the vulnerability.
Information about workarounds and mitigations for the issue can be read from Microsoft's security advisory.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment