Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Internet Explorer cumulative security update


Report ID: MS201204001
Date Published: 12 April 2012

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9




Summary

Five reported vulnerabilities in Internet Explorer could be exploited by a remote attacker to run arbitrary code on an affected system.



Detailed Description

Microsoft has released a cumulative security update for Internet Explorer (IE) to address five reported vulnerabilities, each of which could allow arbitrary code execution on an affected system. The vulnerabilities were caused by one of the following conditions:

  • improper handling when printing a specially crafted HTML page
  • attempting to access a deleted object, which causes memory corruption

 

Each vulnerability issue has been resolved by modifying the way IE handles objects in memory, and the printing of HTML contents. Users are recommended to install this latest update to protect their system from potential exploit attempts.

 



CVE Reference

CVE-2012-0168
CVE-2012-0169
CVE-2012-0170
CVE-2012-0171
CVE-2012-0172



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-023)



Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.