Internet Explorer cumulative security update
Report ID: MS201211001
Date Published: 14 November 2012
Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote
Affected Product/Component:
Internet Explorer 9
Summary
A security update for Internet Explorer has been released to address three identified vulnerabilities that each could lead to remote code execution.
Detailed Description
Microsoft has released a cumulative security update to address three vulnerabilities in Internet Explorer (IE). This update only concerns IE9 users as the other versions are not affected. Each of the three vulnerabilities could be exploited into allowing an attacker to execute code and take control of an affected system. They were caused by a memory corruption that resulted when IE attempts to access an uninitialized or a deleted object.
The vulnerabilities can be patched by downloading the latest security update. Users are recommended to install this update to protect their system from potential exploit attempts.
CVE Reference
CVE-2012-1538, CVE-2012-1539, CVE-2012-4775
Solution
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-071)
F-Secure Health Check
F-Secure's free tool, the Health Check, detects if your system is missing the patch for the vulnerability covered in this report.
