Microsoft Internet Explorer Unspecified Code Execution Vulnerability

Criticality level: Extremely Critical

A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error and may be related to handling of "<img>" arrays. No further information is currently available.

Successful exploitation allows execution of arbitrary code.

NOTE: * This is currently being actively exploited. *

The vulnerability is reported on a fully patched Windows XP SP3. Other versions may also be affected.


Secunia Advisory

and

Microsoft Security Advisory

**** Fixed!****

 

Thanks for posting that helpful information.

 

Internet Explorer Fix it available now; Security Update scheduled for Friday

Microsoft released a Fix it that is available to address the issue. It is an easy, one-click solution that will help protect your computer right away. It will not affect your ability to browse the web, and it does not require a reboot of your computer.

Microsoft Security Response Center

 

Thanks for the heads up - fixed

 

Nice. Glad Microsoft is releasing an official security update on Friday to fix this issue.

 

The update was issued, see Microsoft Security Bulletin MS12-063 - Critical - Cumulative Security Update for Internet Explorer (2744842)


Recommendation. Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

 

I got the update installed on my system today and had no problems.