• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 587
  • Last Modified:

Attack code published for two unpatched Microsoft exploits

Anyone knows which Microsoft KB I need to download for this attack?  


1 Solution
CVE-2012-1875 is addressed in MS12-037
Cumulative Security Update for Internet Explorer (kb2699988)
See the MS12-037 page, as different versions of IE have different download pages,
even though they are all listed as kb2699988.

CVE-2012-1889 is addressed in MS12-043
Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (kb2722479)
This is a far-reaching issue, and the MS12-043 page lists many links to kb pages,
depending on your affected software.  But down near the bottom of that page,
you'll find some specific information under a section
"MSXML Uninitialized Memory Corruption Vulnerability - CVE-2012-1889",
including a link to the main kb article with a Microsoft Fix-it solution:
  Microsoft Knowledge Base Article 2722479

Both of these should now be handled by Windows Update.

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now