X-Labs
September 18, 2012

Internet Explorer zero-day vulnerability

Patrik Runald

A new vulnerability found in Microsoft Internet Explorer affects Internet Explorer versions 6, 7, 8, and 9. The vulnerability allows attackers to execute code on a machine simply by having the user visit a malicious website. This can happen, for example, when the user is tricked into clicking a link in an email or visits a compromised legitimate website.

The vulnerability itself lies in the way that Internet Explorer accesses an object that has been deleted or not properly allocated. The vulnerability is now covered by Metasploit, which means exploit code for it is publicly available, and we anticipate that we'll soon see this Internet Explorer vulnerability used in broader attacks. More information about the vulnerability can be found in Microsoft Advisory 2757760.

We have released updates to the real-time analytics of ACE™, our Advanced Classification Engine, which means that Websense customers are protected. As a member of the Microsoft Active Protection Program (MAPP), we are also working with Microsoft to monitor this situation.

UPDATE:

On Friday, September 21, 2012, Microsoft released an out-of-band patch, MS12-063, to address this vulnerability. The vulnerability described above, documented as CVE-2012-4969, was addressed along with 4 other vulnerabilities affecting Internet Explorer. We recommend that you apply this patch to your environment as soon as possible.
