1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Microsoft Internet Explorer CVE-2016-0189 2

Web Attack: Microsoft Internet Explorer CVE-2016-0189 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions.

Additional Information

Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Specifically, this issue occurs because the 'VBScript' and 'JScript' engines fail to properly handle objects in memory during rendering process.

Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions.

Affected

  • Internet Explorer 9, 10, and 11 are vulnerable.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube