Release date:
Updated on:
Affected Systems:
Microsoft Internet Explorer
Description:
--------------------------------------------------------------------------------
Cve id: CVE-2012-1524
Microsoft Internet Explorer is a Web browser launched by Microsoft.
Internet Explorer has a security vulnerability when accessing deleted objects. attackers can execute arbitrary code to destroy the memory.
<* Source: Microsoft
*>
Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
If you cannot install or upgrade the patch immediately, NSFOCUS recommends that you take the following measures to reduce the threat:
* Set the security areas of the Internet and local intranets to "high" to block ActiveX controls and activity scripts in these areas.
* Prompt or disable before configuring IE to run the activity script.
Vendor patch:
Microsoft
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.microsoft.com/windows/ie/default.asp