Microsoft Internet Explorer Multiple Vulnerabilities (2909921) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS14-010.

Impact

Successful exploitation will allow attackers to corrupt memory by the execution of arbitrary code, bypass certain security restrictions and compromise a user's system. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/bulletin/ms14-010

Insight

Multiple flaws are due to, - An unspecified error exists during validation of local file installation and secure creation of registry keys. - An error within the VBScript engine. - Multiple unspecified errors.

Affected

Microsoft Internet Explorer version 6.x/7.x/8.x/9.x/10.x/11.x

Detection

Get the vulnerable file version and check appropriate patch is applied or not.

References

http://secunia.com/advisories/56796
http://www.osvdb.com/103168
https://support.microsoft.com/kb/2909921
https://technet.microsoft.com/en-us/security/bulletin/ms14-010

Updated on 2015-03-25

Severity

Classification

Related Vulnerabilities

Microsoft IIS FTP Server 'Malformed FTP List Request' DOS Vulnerability
Microsoft Groove Remote Code Execution Vulnerability (2494047)
Microsoft Comctl32 Integer Overflow Vulnerability (2864058)
Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)
Microsoft .NET Framework Remote Code Execution Vulnerability (2706726)

Take action and discover your vulnerabilities