IE remote code execution vulnerability being actively exploited in the wild

JMH · Jun 18, 2012

A critical Internet Explorer vulnerability, announced and patched by Microsoft in June's Patch Tuesday, is being exploited in the wild.

The vulnerability is CVE-2012-1875 (don't expect any detail - this link is just boilerplate stuff), patched in MS12-037.

SophosLabs has seen numerous attempts to exploit this vulnerability (Sophos products detect it as Exp/20121875-A).

Cunningly-crafted JavaScript code - which can be embedded in a web page to foist the exploit on unsuspecting vistors - is circulating freely on the internet.

http://nakedsecurity.sophos.com/201...Feed:+nakedsecurity+(Naked+Security+-+Sophos)

Search

Search

IE remote code execution vulnerability being actively exploited in the wild

JMH

Emeritus, Contributor