BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Microsoft Internet Explorer ReleaseInterface Remote Code Execution

Disclosed January 1, 2011    Fully Patched

Vulnerability Description:

Microsoft Internet Explorer 8 and earlier contains a vulnerability in the ReleaseInterface function of mshtml.dll. Successful exploitation could allow remote execution of arbitrary code.

Vendors:

Microsoft

Vulnerable Software/Devices:

Internet Explorer 8 and possibly other versions

Vulnerability Severity:

High

Exploit Availability:

N/A

BeyondTrust Prevention and Detection:

  • BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
    • Retina Audit 13901 - Microsoft Internet Explorer ReleaseInterface Remote Code Execution (Zero-Day)

Mitigation:

Apply appropriate patch from MS11-018.

Links:

CVE(s):

None

Leave a Reply