We have another IE flaw, one which applies to IE6 though IE11 and officially all versions of Windows since Vista; unofficially it will also effect the non-supported legacy OS versions as well. This particular issue is not a memory overflow but instead is what is referred to as use-after-free which does make it somewhat harder to craft a webpage to take advantage of. Corporate users of the Enhanced Mitigation Experience Toolkit should make sure their users are up to date while the rest of us who are using IE should consider Protected Mode or upping your Security to high. Pop by The Register for a link to the full description of the vulnerability.
"The flaw means the browser “may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer"."
Here is some more Tech News from around the web:
- Watch out! KILLER HP firmware update bricks ProLiant server mobos @ The Register
- Microsoft: The MORE Surfaces it sells, the MORE money it loses @ The Register
- The Hackaday Prize: You Build Open Hardware, We Send You to Space @ Hack a Day
- Lost treasure of Atari REVEALED @ The Register