A new vulnerability has been discovered in Internet Explorer that is currently being used in limited attacks. Websense Security Labs is monitoring the situation and will update this blog post as we discover more. Malicious hackers could set up rigged Web sites or insert malicious code into legitimate, compromised sites to infect visitors. This vulnerability could be used for remote code execution. Websense customers are protected by our real-time analytics in ACE.
Enabling DEP and Protected Mode in Internet Explorer can mitigate this vulnerability.
For more information see: Microsoft Security Advisory (2458511), CVE-2010-3962, US-CERT advisory
View full post on Security Labs
Related Posts
- Vulnerability in Internet Explorer Could Allow Remote Code Execution (CVE-2010-3962), (Wed, Nov 3rd)
Microsoft has announced a vulnerability in all currently-supported versions of Internet Explorer (6 through 8) that could all the execution of arbitrary code (advisory 2458511.) This would likely be ... - autorun.inf and .lnk Malware (NOT ‘Vulnerability in Windows Shell Could Allow Remote Code Execution’ 2286198), (Wed, Jul 21st)
Note that this malware does NOT exploit 'Vulnerability in Windows Shell Could Allow Remote Code Execution' 2286198. It simply uses the autorun.inf to launch the executable, or waits for the user to do... - Oracle Java SE and Java for Business ‘MixerSequencer’ Remote Code Execution Vulnerability, (Sun, May 23rd)
SecurityFocus has published Bugtraq ID39077 vulnerability for Java SE and Java for Business , which allows attackers to remote execute code context of the user running the affected application.
Read t... - Internet Explorer Vulnerability with workaround
In all currently supported Windows operating systems a security vulnerability in the so-called MHTML handler can lead to information disclosure; speculations in the media indicate possibly even worse ... - New Internet Explorer Vulnerability Discovered
Microsoft has released an urgent security advisory describing a new vulnerability in Internet Explorer that allows for malicious code to be run on user systems if they visit a malicious website. Inte... - Exploit Leads to Remote Code Execution
Malware authors use existing software vulnerabilities in order to place their piece of malicious code into the victims system - WebMaster (news@malwarecity.com) on MalwareCity Blog... - New Zero-Day Vulnerability Hits Internet Explorer
Microsoft recently released a security advisory for a vulnerability in Internet Explorer which allows remote code execution. According to the report, the vulnerability—which affects Internet Explorer... - CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept
I couldn’t find any public PoC/exploit for this phpMyAdmin vulnerability, despite it being a serious bug affecting a popular open-source project.
I think this vulnerability is a nice reminder t... - Vulnerabilities in SMB Could Allow Remote Code Execution
Published: September 08, 2009 Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation. We are not aware of attacks that try to... - Internet Explorer 9 is out
Microsoft has released the webbrowser Internet Explorer in version 9 – next to more speed it also adds a bit of security as every new IE version does. For example, the new built-in tracking prot...
Posted on 04 November 2010. Tags: Code, CVE20103962, Execution, Explorer, Internet, Remote, Vulnerability
