Thread: Cumulative Update for Internet Explorer

Within the set of security bulletins released by Microsoft and the one already carried out a summary, there is the announcement of a cumulative update for Internet Explorer 5.01, 6, 7 and 8, which also solves six new vulnerabilities.

Two issues can allow an attacker to obtain system data via a specially crafted web page. The first through an error checking permissions on the use of the protocol file and a second problem arises in the API toStaticHTML.

The other four vulnerabilities addressed reside in memory overflow errors when accessing uninitialized or deleted objects in Internet Explorer. This could be exploited by remote attackers to execute arbitrary code via a specially crafted web page.

This patch, to be cumulative, including all previous updates. We recommend upgrading your browser through Windows Update or by downloading the patches as a platform from page security bulletin.

Microsoft has released security bulletin MS10-018 critical nature, which are solved up to ten different Internet Explorer vulnerabilities. While urgent publication is due to last recently announced vulnerability and is being actively used.

The vulnerability has led to the publication of the bulletin affects Internet Explorer 6 and 7. With the CVE-2010-0806 assigned, is in iepeers.dll and is caused by an invalid pointer that could be accessed under certain conditions, after releasing the target object. We discussed earlier this problem in one-to-day.

Release of the update can be downloaded through Windows Update or Microsoft consulting bulletin which includes the direct download addresses of each patch. Given the severity of vulnerabilities recommend upgrading your browser as soon as possible.