Microsoft Confirms Internet Explorer Vulnerability [Security]
Microsoft has confirmed a vulnerability in several Internet Explorer versions which has supposedly been used in the Chinese attack against Google and other companies. The vulnerability exists in Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 but the attacks seem to have been only targeting Internet Explorer 6 systems according to information posted in the vulnerability description at the Microsoft website.
The vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.
Microsoft has confirmed a vulnerability in several Internet Explorer versions which has supposedly been used in the Chinese attack against Google and other companies. The vulnerability exists in Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 but the attacks seem to have been only targeting Internet Explorer 6 systems according to information posted in the vulnerability description at the Microsoft website.
The vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.
