New Microsoft Security Advisory: 961051 – Vulnerability in Internet Explorer Could Allow Remote Code Execution

Just an FYI that we just released a new advisory for an IE related issue.  The intro and a link are below:


Microsoft is investigating new public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008.

At this time, we are aware only of limited attacks that attempt to use this vulnerability. Our investigation of these attacks so far has verified that they are not successful against customers who have applied the workarounds listed in this advisory. Additionally, there are mitigations that increase the difficulty of exploiting this vulnerability.

To continue reading see

The official Knowledge Base article for this is here:

J.C. Hornbeck | Manageability Knowledge Engineer