Microsoft Internet Explorer Multiple Vulnerabilities

Secunia has released a “highly critical” vulnerability for various versions of Internet Explorer.

Versions Affected?

• Microsoft Internet Explorer 5.01
• Microsoft Internet Explorer 6.x
• Microsoft Internet Explorer 7.x

How can this vulnerability be exploited?

• An error in the way HTML with certain layout combinations is interpreted can be exploited to corrupt memory via a specially crafted web page.
• An error in the way the “by” property of an “animateMotion” SVG element is handled can be exploited to corrupt memory via a specially crafted web page assigning other DOM elements to the property.
• An error in the argument validation when processing images can be exploited to corrupt memory via a specially crafted web page.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

Solution

Microsoft has released patches to fight the vulnerability.

• Windows 2000 SP4 and Internet Explorer 5.01 SP4
• Windows 2000 SP4 and Internet Explorer 6 SP1
• Windows XP SP2 and Internet Explorer 6
• Windows Server 2003 SP1/SP2 and Internet Explorer 6
• Windows Server 2003 with SP1/SP2 for Itanium-based systems and Internet Explorer 6
• Windows XP SP2 and Internet Explorer 7
• Windows XP Professional x64 Edition (optionally with SP2) and Internet Explorer 7
• Windows Server 2003 SP1/SP2 and Internet Explorer 7
• Windows Server 2003 x64 Edition (optionally with SP2) and Internet Explorer 7
• Windows Server 2003 with SP1/SP2 for Itanium-based systems and Internet Explorer 7
• Windows Vista and Internet Explorer 7
• Windows Vista x64 Edition and Internet Explorer 7

ELSE USE FIREFOX and surf the internet without any problems.

Tags: IE bugs