CVE2012-1889: MSXML use-after-free vulnerability

N_J · Jun 20, 2012

As soon as Microsoft had released patches for security bulletin MS12-037 (which patched 13 vulnerabilities for Internet Explorer) Google published information (Microsoft XML vulnerability under active exploitation) about a new zero-day vulnerability (CVE-2012-1889) in Microsoft XML Core Services. Sometimes vulnerabilities are discovered at a rate that outpaces the patching process and so a temporary fix is needed. That is what Microsoft has provided in this case: a ‘Fix it’ patch. We recommend that you install the patch because exploits for the vulnerability are already in the wild....

Source.....http://blog.eset.com/2012/06/20/cve2012-1889-msxml-use-after-free-vulnerability

Patches can be downloaded here:

Corrine · Jun 20, 2012

I suggest that you save both files so that you can disable the solution prior to installing the update when it is released.

N_J · Jun 20, 2012

Thank you Corrine..good advice. :thumbsup2: