Microsoft Internet Explorer Use-After-Free Vulnerability

Last Update Date: 2 May 2014 Release Date: 28 Apr 2014 5249 Views

RISK: Extremely High Risk

TYPE: Clients - Browsers

TYPE: Browsers

A vulnerability has been identified in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a use-after-free error, which can be exploited to cause memory corruption.

Successful exploitation allows execution of arbitrary code.

* Note:

This vulnerability is actively exploited in the wild in limited, targeted attacks.
No official solution is currently available.

Impact

Remote Code Execution

System / Technologies affected

Microsoft Internet Explorer versions 6, 7, 8, 9, 10, 11

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

No official solution is currently available.
A workaround is described in the vendor's advisory at:
https://technet.microsoft.com/en-us/library/security/2963983
[Updated on 02/05/2014]
Apply update : https://technet.microsoft.com/library/security/ms14-021

Vulnerability Identifier

CVE-2014-1776

Source

Related Link

Share with

Google Chrome Multiple Vulnerabilities

29 Apr 2014 3926 Views

Cisco NX-OS Bypass Security Controls Vulnerability

7 May 2014 3604 Views