OOB Update for Internet Explorer MS10-018

Published: 2010-03-29
Last Updated: 2011-01-24 23:43:11 UTC
by Adrien de Beaupre (Version: 1)
2 comment(s)

Microsoft Security Bulletin MS10-018 - Critical

This update resolves 10 different vulnerabilities in Internet Explorer, of which the most severe impact can be execution of arbitrary code. All versions of IE from 5.01 to 8.0 are affected to varying degrees. Both servers and workstations should be updated. The update replaces MS10-002, and addresses the MS Advisory 981374 vulnerability. Time to patch! It is a cumulative update.

Here is a listing of the related vulnerabilities and CVE entries:
Uninitialized Memory Corruption Vulnerability - CVE-2010-0267   
Post Encoding Information Disclosure Vulnerability - CVE-2010-0488   
Race Condition Memory Corruption Vulnerability - CVE-2010-0489   
Uninitialized Memory Corruption Vulnerability - CVE-2010-0490   
HTML Object Memory Corruption Vulnerability - CVE-2010-0491   
HTML Object Memory Corruption Vulnerability - CVE-2010-0492   
HTML Element Cross-Domain Vulnerability - CVE-2010-0494   
Memory Corruption Vulnerability - CVE-2010-0805   
Uninitialized Memory Corruption Vulnerability - CVE-2010-0806   
HTML Rendering Memory Corruption Vulnerability - CVE-2010-0807

http://blogs.technet.com/msrc/archive/2010/03/30/security-bulletin-ms10-018-released.aspx

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

2 comment(s)

Comments

I've noticed Microsoft has been releasing a few OOB updates lately, do you think they're finally realizing that you can't just patch your systems once a month?
yesterday, i got a new form of ie thread lock exploit. this is what happened multiple times in 1 day. while browsing, i would get that popup that said internet explorer quit respond. instead of locking up and turning white, a 2nd popup came up instead saying that internet explorer was canceled out and restarted even though it was untrue. there are other new issues added to the old but in due time if your interested in the info

Diary Archives