Microsoft suffers continued Internet Explorer hits on patch Tuesday

10 March 2010

Microsoft took customers through a fairly sedate patch Tuesday this week, releasing just two bulletins addressing issues in its applications. However, the day did not pass without a hitch, as yet another zero-day vulnerability emerged for Internet Explorer.

As Microsoft ushered out patches for Windows Movie Maker and Microsoft Excel, it mentioned in a separate advisory that a vulnerability discovered in Internet Explorer 6 and 7 could allow remote code execution.

"The vulnerability exists due to an invalid pointer reference being used within Internet Explorer," Microsoft said in its advisory. "It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted." The company said that it was aware of targeted attacks in the wild that attempted to take advantage of this vulnerability.

The security updates released by Microsoft today covered MS10-016, which addresses a vulnerability that could allow remote code execution in Windows Movie Maker and Microsoft Producer 2003. The vulnerability does not affect Windows Movie Maker, which runs on Windows Vista and Windows 7. The other update, addressing security bulletin MS10-017, resolves seven privately reported vulnerabilities in Excel, which could also allow remote code execution if a malicious file was opened.

Several flaws in Internet Explorer remain unpatched. The vulnerability described in Advisory 980088, which allows for information disclosure in Internet Explorer, is still an issue, although Microsoft did publish a list of workarounds at the time.

Nor did it fix the 'F1' bug, announced at the start of this month by a researcher who did not responsibly disclose the vulnerability to Microsoft. That flaw enables remote code execution if a user can be lured into hitting the F1 key and activating Microsoft's help file system on a maliciously crafted web page.

"We continue to monitor the threat landscape around Security Advisory 981169 regarding a vulnerability in VBScript that could allow remote code execution," said Jerry Bryant, senior security communications manager lead at Microsoft. "We are not currently aware of any active attacks but encourage customers to review the advisory and apply the suggested workarounds where possible." 
