Yesterday, Jerry Bryant announced here on the MSRC blog that Security Advisory 979682 Released. Click on the link for the details: essentially Security Advisory 979682 addresses an Elevation of Privilege (EoP) vulnerability in the Windows kernel, affecting all currently supported versions of 32-bit Windows. Please note that 64-bit versions of Windows, including Windows Server 2008 R2, are not affected.
As noted, we’re not currently aware of any active attacks against this vulnerability and as Jerry noted…
"… [we] believe risk to customers, at this time, is limited. We continue to recommend customers review the mitigations and workarounds detailed in the Security Advisory.
"We are also working with our Microsoft Active Protections Program (MAPP) partners to help provide broader protections for customers.
"Our teams are continuing to work on an update and we will take appropriate action to protect customers when the update has met the quality bar for broad distribution. That may include releasing the update out-of-band."
For more details on the Security Advisory you can subscribe to our comprehensive alerts here to receive email when there’s new information. The team will also post updates on the MSRC Blog.
Tags: IE, Security, what I read, Internet Explorer, twitter, Microsoft, Windows 7.
Clubhouse Tags: Clubhouse, how-to, Windows 7, Security, IE, Internet Explorer (IE)
MSRC references: Security Advisory, Internet Explorer (IE), Workarounds, Defense-in-depth, Exploitability, Zero-Day Exploit
Also available via http://bit.ly/5TO6wk