View Previous Alerts

Alert (TA12-262A)

Microsoft Security Advisory for Internet Explorer Exploit

Original release date: September 18, 2012 | Last revised: September 19, 2012

Systems Affected


An unpatched use-after-free vulnerability in Microsoft Internet Explorer versions 6, 7, 8, and 9 is being exploited in the wild. Microsoft has released Security Advisory 2757760 with mitigation techniques.


Microsoft Internet Explorer versions 6, 7, 8, and 9 are susceptible to a use-after-free vulnerability. This vulnerability is being actively exploited in the wild. At this time, there is no patch available for this vulnerability. End-users can mitigate the vulnerability by using Microsoft's Enhanced Mitigation Experience Toolkit.

Additional mitigation advice is available in the MSRC blog post: "Microsoft Releases Security Advisory 2757760" and US-CERT Vulnerability Note VU#480095.


A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.


US-CERT recommends Internet Explorer users read Microsoft Security Advisory 2757760 and apply mitigation techniques such as using the Microsoft Enhanced Mitigation Experience Toolkit.


Revision History

This product is provided subject to this Notification and this Privacy & Use policy.

Document Feedback

Was this document helpful?  Yes  |   Somewhat  |   No