Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » KB2934088

Overview

Id KB2934088
Name MS 2934088 Workaround for Vulnerability in Internet Explorer (Enabled) (See Notes)
Vendor Name microsoft
Product Windows
Content Type Recommended Recommended
Language(s) ENGLISH 
Operating System(s) Windows 
Released On 19 Feb 2014 12:00:00

KB2934088

MS 2934088 Workaround for Vulnerability in Internet Explorer (Enabled) (See Notes)

Vendor Name

microsoft

Product

Windows

Released On

19 Feb 2014 12:00:00

Url

http://support.microsoft.com/kb/2934088

Description

Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 10. Only Internet Explorer 9 and Internet Explorer 10 are affected by this vulnerability. Other supported versions of Internet Explorer are not affected. The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

Important Notes:

  • Review the details in the KB article BEFORE using this workaround.
  • This Fix it solution is not intended to be a replacement for any security update. It is recommended that you always install the latest security updates. However, this Fix it solution is offered as a workaround option for some scenarios.
  • This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice.
  • Before applying this workaround, users should apply the latest Microsoft security updates.
  • Deployment for Install will enable the "CVE-2014-0322 MSHTML Shim Workaround" that prevents exploitation of this issue by running Microsoft Fix it 51007.
  • Deployment for Uninstall will disable the "CVE-2014-0322 MSHTML Shim Workaround" by running Microsoft Fix it 51008.
  • Related Resources

    Related Vulnerabilities

    CVE-2014-0322  

    Related Patches

    Superseded Patches

    None


    Last Updated: 27 May 2016 11:18:29