Friday, January 15, 2010

Microsoft Internet Explorer Arbitrary Code Execution

A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error and can be exploited to trigger the use of a freed object via a specially crafted web page.

Successful exploitation allows execution of arbitrary code.

NOTE: This vulnerability is currently being actively exploited.


See also: 0-day vulnerability in Internet Explorer 6, 7 and 8

No comments: