Risks
Advisories
Browse
or
or
US-CERT Technical Cyber Security Alert - Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792 (US-CERT Alert TA13-015A)
National Cyber Awareness System

US-CERT Alert TA13-015A
Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792

Original release date: January 15, 2013
Last revised: --

Systems Affected

     * Microsoft Internet Explorer 6
     * Microsoft Internet Explorer 7
     * Microsoft Internet Explorer 8


Overview

   Microsoft has released Security Bulletin MS13-008 to address the
   CButton use-after-free vulnerability (CVE-2012-4792).


Description

   Microsoft Internet Explorer versions 6, 7, and 8 are susceptible to
   a use-after-free vulnerability. This vulnerability is being
   actively exploited in the wild. Microsoft has released Security
   Bulletin MS13-008 to address this vulnerability.

   Additional information is available in Vulnerability Note
   VU#154201.


Impact

   A remote, unauthenticated attacker could execute arbitrary code,
   cause a denial of service, or gain unauthorized access to your
   files or system.


Solution

   US-CERT recommends that Internet Explorer users run Windows Update
   as soon as possible to apply the MS13-008 update.


Revision History

  January 15, 2013: Initial release

 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@cert.org> with "TA13-015A Feedback VU#154201" in
   the subject.
 ____________________________________________________________________

   Produced by US-CERT, a government organization.
 ____________________________________________________________________

This product is provided subject to this Notification:
http://www.us-cert.gov/privacy/notification.html

Privacy & Use policy:
http://www.us-cert.gov/privacy/

This document can also be found at
http://www.us-cert.gov/cas/techalerts/TA13-015A.html

For instructions on subscribing to or unsubscribing from this
mailing list, visit http://www.us-cert.gov/cas/signup.html




Spotlight

How security analytics help identify and manage breaches

Posted on 30 July 2014.  |  Steve Dodson, CTO at Prelert, illustrates the importance of security analytics in today's complex security architectures, talks about the most significant challenges involved in getting usable information from massive data sets, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //