Threat Level: green Handler on Duty: Tom Webb

SANS ISC: InfoSec Handlers Diary Blog - Microsoft Announces Out-of-Band Security Bulletin for the IE Vulnerability InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft Announces Out-of-Band Security Bulletin for the IE Vulnerability

Published: 2010-01-20
Last Updated: 2010-01-20 22:03:06 UTC
by Lenny Zeltser (Version: 2)
0 comment(s)

Microsoft posted "an advance notification of one out-of-band security bulletin that Microsoft is intending to release on January 21, 2010. The bulletin will be for Internet Explorer to address limited attacks against customers of Internet Explorer 6, as well as fixes for vulnerabilities rated Critical that are not currently under active attack."

For details, see:

http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx

Update:

Microsoft also posted a comprehensive overview of the exploits that target this vulnerability. See:

http://blogs.technet.com/srd/archive/2010/01/20/reports-of-dep-being-bypassed.aspx

 -- Lenny

Lenny Zeltser - Security Consulting
Lenny teaches malware analysis at SANS Institute. You can find him on Twitter.

Keywords:
0 comment(s)
Diary Archives