Microsoft Patches Critical IE Flaw Exploited in the Wild

Tuesday, August 18, 2015

Mike Lennon

306708aaf995cf6a77d3083885b60907

Microsoft issued an emergency out-of-band update on Tuesday to fix a critical vulnerability (CVE-2015-2502) being actively exploited in the wild and affecting all versions of Internet Explorer from IE 7 through 11.

The flaw is a remote code execution vulnerability that exists when Internet Explorer improperly accesses objects in memory, and if exploited could corrupt memory and allow an attacker to execute malicious code on a system with the access rights of the current user.

The flaw could be combined with other vulnerabilities to elevate to administrator privileges, Bobby Kuzma, systems engineer at Core Security, told SecurityWeek.

Read the More at SecurityWeek

Possibly Related Articles:
13836
Enterprise Security CVE Vulnerabilities
Internet Explorer vulnerability patch CVE-2015-2502 Microsoft
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.