Blog | G5 Cyber Security

Flaw in Core IE 8 Component Could Enable Remote Attacks

There s an unpatched vulnerability affecting Internet Explorer 8 running on most current versions of Windows that could give attackers the ability to run code on remote machines. The flaw is a memory leak that gives attackers key information on the location of a specific address in memory, even with memory protections such as ASLR enabled. The vulnerability, published by Ruben Santamarta of Wintercore, is in mshtml.dll, the Microsoft HTML viewer for IE8. The leak affects IE8 running on Windows XP, Windows Vista and Windows 7 32-bit and 64-bit editions.

Source: https://threatpost.com/flaw-core-ie-8-component-could-enable-remote-attacks-070610/74177/

Exit mobile version