Vulnerability in Internet Explorer Could Allow Remote Code Execution (2458511)

Remote code execution vulnerability exists in all supported versions of Internet Explorer. The vulnerability exists due to an invalid flag reference within Internet Explorer. It is possible under certain conditions for the invalid flag reference to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution. Exploitation requires a user to visit a malicious web page.

Affected Software

Internet Explorer 6
Windows XP Service Pack 3 Internet Explorer 6
Windows XP Professional x64 Edition Service Pack 2 Internet Explorer 6
Windows Server 2003 Service Pack 2 Internet Explorer 6
Windows Server 2003 x64 Edition Service Pack 2 Internet Explorers 6
Windows Server 2003 with SP2 for Itanium-based Systems Internet Explorer 6

Internet Explorer 7
Windows XP Service Pack 3 Internet Explorer 7
Windows XP Professional x64 Edition Service Pack 2 Internet Explorer 7
Windows Server 2003 Service Pack 2 Internet Explorer 7
Windows Server 2003 x64 Edition Service Pack 2 Internet Explorers 7
Windows Server 2003 with SP2 for Itanium-based Systems Internet Explorer 7
Windows Vista Service Pack 1 and Windows Vista Service Pack 2 Internet Explorers 7
Windows Vista x64 Edition Service Pack 1 and Internet Explorer 7
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Internet Explorer 7
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems and Internet Explorer 7
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems and Internet Explorer 7
Windows Server 2008 for Itanium-based Systems Service Pack 2

Internet Explorer 8
Windows XP Service Pack 3 Internet Explorer 8
Windows XP Professional x64 Edition Service Pack 2 Internet Explorer 8
Windows Server 2003 Service Pack 2 Internet Explorer 8
Windows Server 2003 x64 Edition Service Pack 2 Internet Explorer 8
Windows Vista Service Pack 1 and Windows Vista Service Pack 2 Internet Explorers 8
Windows Vista x64 Edition Service Pack 1 and Internet Explorer 8
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Internet Explorer 8
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems and Internet Explorer 8
Windows Server 2008 for x64-based Systems Service Pack 2
Windows 7 for 32-bit Systems Internet Explorer 8
Windows 7 for x64-based Systems Internet Explorer 8
Windows Server 2008 R2 for x64-based Systems Internet Explorer 8
Windows Server 2008 R2 for Itanium-based Systems Internet Explorer 8

The vendor has released a mitigation process for this issue:
https://support.microsoft.com/kb/2458511

For detailed information please go through the below link,
https://www.microsoft.com/technet/security/advisory/2458511.mspx

Anand Yadav

Anand Yadav

Follow @

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x