Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » HP releases details, exploit code for unpatched IE flaws

HP releases details, exploit code for unpatched IE flaws

2015/06/22

Threatpost - (International) Security researchers at Hewlett-Packard Company's Zero Day Initiative released details on unpatched Microsoft Internet Explorer vulnerabilities which could allow attackers to fully bypass address space layout randomization (ASLR) mitigation in the browser. [ed.: more importantly, MS has apparently stated they will not patch this vulnerability, so organizations should consider running a whitelist solution to protect themselves. ]

Source: https://threatpost.com/hp-releases-details-exploit-code-for-unpatched-ie-flaws/113408

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:31