Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free (MS13-059)
16 September 2013
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
IT security tops the list of skills that teams need most, and one out of five reported having difficulty finding skilled talent for cloud initiatives. Companies are also looking for pros who have skills in network engineering, systems engineering, IT architecture and network operations.
The PCI Security Standards Council published PCI Data Security Standard (PCI DSS) Version 3.1 and supporting guidance. The revision includes minor updates and clarifications, and addresses vulnerabilities within the SSL encryption protocol that can put payment data at risk.
According to MIT, Harvard, and HackerOne researchers, the answer is not throwing more money at bug hunters, but incentivize them to find the the same vulnerabilities that the offense researchers have found.