This update resolves 10 different vulnerabilities in Internet Explorer, of which the most severe impact can be execution of arbitrary code. All versions of IE from 5.01 to 8.0 are affected to varying degrees. Both servers and workstations should be updated. The update replaces MS10-002, and addresses the MS Advisory 981374 vulnerability. Time to patch! It is a cumulative update.
Here is a listing of the related vulnerabilities and CVE entries:
Uninitialized Memory Corruption Vulnerability - CVE-2010-0267
Post Encoding Information Disclosure Vulnerability - CVE-2010-0488
Race Condition Memory Corruption Vulnerability - CVE-2010-0489
Uninitialized Memory Corruption Vulnerability - CVE-2010-0490
HTML Object Memory Corruption Vulnerability - CVE-2010-0491
HTML Object Memory Corruption Vulnerability - CVE-2010-0492
HTML Element Cross-Domain Vulnerability - CVE-2010-0494
Memory Corruption Vulnerability - CVE-2010-0805
Uninitialized Memory Corruption Vulnerability - CVE-2010-0806
HTML Rendering Memory Corruption Vulnerability - CVE-2010-0807
http://blogs.technet.com/msrc/archive/2010/03/30/security-bulletin-ms10-018-released.aspx
No comments:
Post a Comment