Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Cumulative Security Update for Internet Explorer


Report ID: Ms201403001
Date Published: March 11, 2014

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Internet Explorer 11
Internet Explorer 10
Internet Explorer 9
Internet Explorer 8
Internet Explorer 7
Internet Explorer 6




Summary

Microsoft has released a cumulative security update that addresses multiple vulnerabilities reported in the Internet Explorer web browser. The most severe of these vulnerabilities, if successfully exploited, could allow remote code execution.



Detailed Description

Multiple vulnerabilities were reported in Internet Explorer related to improper handling of objects in memory which, if successfully exploited, could allow an attacker to run arbitrary code in the context of the current user. If the user has full administrative rights, the attacker may gain complete control of the compromised system.

To exploit these vulnerabilities, the user must be lured into viewing specially crafted webpages.



CVE Reference

CVE-2014-0297
CVE-2014-0298
CVE-2014-0299
CVE-2014-0302
CVE-2014-0303
CVE-2014-0304
CVE-2014-0305
CVE-2014-0306
CVE-2014-0307
CVE-2014-0308
CVE-2014-0309
CVE-2014-0311
CVE-2014-0312
CVE-2014-0313
CVE-2014-0314
CVE-2014-0321
CVE-2014-0322
CVE-2014-0324



Solution

Install the latest security patch for applicable systems, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms14-012)



Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.