Risks
Advisories
Browse
or
or
US-CERT Technical Cyber Security Alert - Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792 (US-CERT Alert TA13-015A)
National Cyber Awareness System

US-CERT Alert TA13-015A
Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792

Original release date: January 15, 2013
Last revised: --

Systems Affected

     * Microsoft Internet Explorer 6
     * Microsoft Internet Explorer 7
     * Microsoft Internet Explorer 8


Overview

   Microsoft has released Security Bulletin MS13-008 to address the
   CButton use-after-free vulnerability (CVE-2012-4792).


Description

   Microsoft Internet Explorer versions 6, 7, and 8 are susceptible to
   a use-after-free vulnerability. This vulnerability is being
   actively exploited in the wild. Microsoft has released Security
   Bulletin MS13-008 to address this vulnerability.

   Additional information is available in Vulnerability Note
   VU#154201.


Impact

   A remote, unauthenticated attacker could execute arbitrary code,
   cause a denial of service, or gain unauthorized access to your
   files or system.


Solution

   US-CERT recommends that Internet Explorer users run Windows Update
   as soon as possible to apply the MS13-008 update.


Revision History

  January 15, 2013: Initial release

 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@cert.org> with "TA13-015A Feedback VU#154201" in
   the subject.
 ____________________________________________________________________

   Produced by US-CERT, a government organization.
 ____________________________________________________________________

This product is provided subject to this Notification:
http://www.us-cert.gov/privacy/notification.html

Privacy & Use policy:
http://www.us-cert.gov/privacy/

This document can also be found at
http://www.us-cert.gov/cas/techalerts/TA13-015A.html

For instructions on subscribing to or unsubscribing from this
mailing list, visit http://www.us-cert.gov/cas/signup.html




Spotlight

The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //