MS KB2934088: Vulnerability in Internet Explorer Could Allow Remote Code Execution
High Nessus Plugin ID 72605
SynopsisThe remote host is affected by a remote code execution vulnerability.
DescriptionThe remote host is missing one of the workarounds referenced in KB 2934088.
The remote Internet Explorer install is affected by a use after free vulnerability in the MSHTML CMarkup component. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.
SolutionApply the IE settings workarounds suggested by Microsoft in the advisory, or apply the MSHTML Shim workaround in the Microsoft 'Fix it' solution.