icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Microsoft Internet Explorer 6 through 11 Arbitrary Code Execution

High

Synopsis

This is a deprecated warning regarding the version of Microsoft Internet Explorer on the remote host; PVS cannot determine passively whether or not the browser has been patched.

Description

Unpatched versions of Internet Explorer 6 through 11 contain a vulnerability that bypasses both of Windows' ASLP and DEP protections, though current attacks in the wild have been targeting versions 9 and onward. An attacker could leverage this to execute arbitrary code within the context of the user running the browser.

Solution

Review and upgrade the Internet Explorer browser.