Kalashnikov. Posted April 29, 2014 Report Posted April 29, 2014 Microsoft says a security gap in Internet Explorer could allow an attacker to take complete control of a computer if the user clicks on a malicious link.The vulnerability affects versions 6 through 11 of the Web browser.Microsoft Corp. said Saturday that it was aware of "limited, targeted attacks" that tried to exploit the security gap. The company is working on a fix which it plans to provide in a software update on May 13.In the meantime, Microsoft encourages customers to enable a firewall, apply all software updates and install anti-malware software.A division of the Homeland Security Department recommends that users download a security toolkit from Microsoft or use another browser until an update becomes available.https://technet.microsoft.com/en-US/library/security/2963983 <-- official Quote
Nytro Posted April 29, 2014 Report Posted April 29, 2014 Use after free iar VGX.dll care probabil nu e compilat cu suport pentru ASLR, e folosit pentru bypass DEP si ASLR. Quote
