Conseils sécurité de Zscaler
Zscaler Protects Against Microsoft’s Out-of-Band Security Update
Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for the following web based, client-side vulnerability included in their latest out-of-band security update. Zscaler will continue to monitor exploits associated with all vulnerabilities in this update and deploy additional protections as necessary.
MS12-063 – Cumulative Security Update for Internet Explorer (2744842
Severity: Critical
Affected Software
- Microsoft Internet Explorer 6
- Microsoft Internet Explorer 7
- Microsoft Internet Explorer 8
- Microsoft Internet Explorer 9
CVE-2012-1529 - OnMove Use After Free Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object in memory that has not been correctly initialized or has been deleted.
CVE-2012-2546 - Event Listener Use After Free Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object in memory in such a way that an attacker could execute arbitrary code in the context of the current user.
CVE-2012-2548 - Layout Use After Free Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted.
CVE-2012-2557 - cloneNode Use After Free Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted.
CVE-2012-4969 - execCommand Use After Free Vulnerability
Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted.