Vulnerability in Internet Explorer Could Allow Information Disclosure

Microsoft has Released a new Security Advisory to address Vulnerabilities affecting Internet Explorer Browsers. The Advisory has been released in response to a report published by C.O.R.E. - C.O.R.E.-2009-0625 - which disclosed two Remote-File Access Vulnerabilities affecting the Browser. The issues can be Exploited by a remote Web Site to disclose File Contents, or to render Script contained in a Target File in the Security Zone that is assigned to the target files source. The Vulnerability is Trivially Exploitable and is likely to be exploited in-the-Wild.

Details for Exploitation of these issues is Public. Customers are advised to read the following Microsoft Security Advisory as soon as possible for workaround information.

 

 

Microsoft Security Advisory (980088):

Vulnerability in Internet Explorer Could Allow Information Disclosure:

http://www.microsoft.com/technet/security/advisory/980088.mspx.

 

 




- Microsoft Internet Explorer URLMON Sniffing Cross Domain Information Disclosure Vulnerability.

 

 

Microsoft has Released Updates to address this Vulnerability; please install all Updates to Affected Products as soon as possible.

 

 

Microsoft Security Bulletin MS10-035 - Critical:

Cumulative Security Update for Internet Explorer (982381):

http://www.microsoft.com/technet/security/bulletin/ms10-035.mspx.