Attack code published for two unpatched Microsoft exploits

Posted on 2012-08-29
Last Modified: 2012-09-13
Anyone knows which Microsoft KB I need to download for this attack?

Question by:nav2567
    1 Comment
    LVL 12

    Accepted Solution

    CVE-2012-1875 is addressed in MS12-037
    Cumulative Security Update for Internet Explorer (kb2699988)
    See the MS12-037 page, as different versions of IE have different download pages,
    even though they are all listed as kb2699988.

    CVE-2012-1889 is addressed in MS12-043
    Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (kb2722479)
    This is a far-reaching issue, and the MS12-043 page lists many links to kb pages,
    depending on your affected software.  But down near the bottom of that page,
    you'll find some specific information under a section
    "MSXML Uninitialized Memory Corruption Vulnerability - CVE-2012-1889",
    including a link to the main kb article with a Microsoft Fix-it solution:
      Microsoft Knowledge Base Article 2722479

    Both of these should now be handled by Windows Update.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
    Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
    This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
    This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now