Internet Explorer cumulative security update
Report ID: MS201204001
Date Published: 12 April 2012
Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote
Affected Product/Component:
Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Summary
Five reported vulnerabilities in Internet Explorer could be exploited by a remote attacker to run arbitrary code on an affected system.
Detailed Description
Microsoft has released a cumulative security update for Internet Explorer (IE) to address five reported vulnerabilities, each of which could allow arbitrary code execution on an affected system. The vulnerabilities were caused by one of the following conditions:
- improper handling when printing a specially crafted HTML page
- attempting to access a deleted object, which causes memory corruption
Each vulnerability issue has been resolved by modifying the way IE handles objects in memory, and the printing of HTML contents. Users are recommended to install this latest update to protect their system from potential exploit attempts.
CVE Reference
CVE-2012-0168
CVE-2012-0169
CVE-2012-0170
CVE-2012-0171
CVE-2012-0172
Solution
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-023)
