Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Microsoft Internet Explorer 6 through 11 Arbitrary Code Execution

High

Synopsis

This is a deprecated warning regarding the version of Microsoft Internet Explorer on the remote host; PVS cannot determine passively whether or not the browser has been patched.

Description

Unpatched versions of Internet Explorer 6 through 11 contain a vulnerability that bypasses both of Windows' ASLP and DEP protections, though current attacks in the wild have been targeting versions 9 and onward. An attacker could leverage this to execute arbitrary code within the context of the user running the browser.

Solution

Review and upgrade the Internet Explorer browser.