 | |
| |
| 07 Feb 2011 | #1 |
| | MHTML 0-Day Vulnerability Won't be Patched Tomorrow Quote: Microsoft is expected to provide fixes for two zero-day vulnerabilities tomorrow, but they don't include the MHTML remote code execution flaw revealed at the end of January. In it's advance notification for the upcoming security bulletins, Microsoft announced that it will release two patches postponed last month. They will cover a use-after-free vulnerability in Internet Explorer, identified as CVE-2010-3971, and originally disclosed at the beginning of December as a denial of service condition. The flaw later proved exploitable for remote code execution and proof-of-concept attack code that bypasses DEP and ASLR protection was developed. |
My System Specs | |
 |
MHTML 0-Day Vulnerability Won't be Patched Tomorrow problems?
« Consumers urged to step up wireless security
|
Spamvertised Xerox document themed malware campaign spreading »
| Thread Tools | |
| Similar help and support threads for: MHTML 0-Day Vulnerability Won't be Patched Tomorrow | ||||
| Thread | Forum | |||
| Hackers pounce on just-patched Windows Media vulnerability | Security News | |||
| Yesterday XP, Today Win 7, Tomorrow Win 8, Day after tomorrow what? | Chillout Room | |||
| Google Chrome Patched Against Zero-Day Flash Vulnerability | Security News | |||
| March Patch Tuesday didn't address MHTML vulnerability | Security News | |||
| Zero day vulnerability found in Windows MHTML renderer | Security News | |||
All times are GMT -5. The time now is 04:39 AM.
