Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Internet Explorer cumulative security update


Report ID: MS201211001
Date Published: 14 November 2012

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Internet Explorer 9




Summary

A security update for Internet Explorer has been released to address three identified vulnerabilities that each could lead to remote code execution.



Detailed Description

Microsoft has released a cumulative security update to address three vulnerabilities in Internet Explorer (IE). This update only concerns IE9 users as the other versions are not affected. Each of the three vulnerabilities could be exploited into allowing an attacker to execute code and take control of an affected system. They were caused by a memory corruption that resulted when IE attempts to access an uninitialized or a deleted object.

The vulnerabilities can be patched by downloading the latest security update. Users are recommended to install this update to protect their system from potential exploit attempts.



CVE Reference

CVE-2012-1538, CVE-2012-1539, CVE-2012-4775



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-071)



Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.