Internet Explorer security update
Report ID: MS201305002
Date Published: 15 May 2013
Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote
Affected Product/Component:
Internet Explorer 8
Internet Explorer 9
Summary
A security update for Internet Explorer has been released to address a remote code execution vulnerability, which was previously disclosed to the public.
Detailed Description
Microsoft has released a security update to address a vulnerability in Internet Explorer, which was previously disclosed to the public. The vulnerability was caused by memory corruption condition resulting from attempting to access a deleted object in memory. An attacker could exploit this condition to execute code in the context of a user and take control of the affected system.
This vulnerability has been resolved through the update by modifying the way that IE handles objects in memory. Users are recommended to install the update to protect their system from possible exploit attempts.
CVE Reference
CVE-2013-1347
Solution
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms13-038)
F-Secure Health Check
F-Secure's free tool, the Health Check, detects if your system is missing the patch for the vulnerability covered in this report.
