Security Alerts




Two Critical IE Bulletins Fix Zero Day Vulnerability and More

Severity: High Summary: These vulnerabilities affect: Internet Explorer (IE) versions 6 – 10 How an attacker exploits them:  Typically, by enticing one of your users to visit a web page with malicious content Impact:  In the worst case, an attacker can execute code on your user’s computer, often gaining complete control of it What to do:  Install Microsoft’s IE updates immediately, or let Windows Automatic Update do it for you Exposure: As part of today’s Patch Day, Microsoft released two security bulletins ( MS13-037 / MS13-038 ) describing a dozen new security vulnerabilities that affect all current versions of Internet Explorer (IE). They rate both updates as Critical . Over the last few months , most of the new flaws affecting IE are what developers call  “use after free” vulnerabilities  – a type of memory corruption flaw that attackers can leverage to execute arbitrary code.

Source:
Two Critical IE Bulletins Fix Zero Day Vulnerability and More
May 14, 2013 — Category: Security Alerts