A cumulative security update has been issued for Internet Explorer, addressing seven reported vulnerabilities that could lead to arbitrary code execution and information disclosure.

 

Microsoft has issued a cumulative security update for Internet Explorer, which addresses multiple vulnerabilities that could result in remote code execution and information disclosure in affected systems. Seven vulnerabilities that were identified and fixed are as follows:

 

Two remote code execution vulnerabilities that resulted when Internet Explorer try to access an object that has been incorrectly initialized or deleted. These issues have been fixed in the update by modifying the way IE handles objects in memory. 

 

Two information disclosure vulnerabilities that are present when Internet Explorer incorrectly allows cached data to be rendered as HTML, potentially bypassing domain restriction. The update resolves these issues by modifying the way IE handles script.

 

Two remote code execution vulnerabilities that resulted when Internet Explorer attempts to access an object that has been incorrectly initialized or deleted. These issues have been fixed in the update by modifying the way IE handles objects in memory. 

 

A remote code execution vulnerability that resulted when Internet Explorer try to access an object that has not been initialized or has been deleted. This issue has been fixed in the update by modifying the way IE handles objects in memory.

Install the latest patch for applicable version, available from (http://www.microsoft.com/technet/security/bulletin/MS10-090.mspx)

Microsoft Security Bulletin MS10-090 (http://www.microsoft.com/technet/security/bulletin/MS10-090.mspx)