Skip to main content

Information Technology
  2. Security
  3. messages
  4. Internet Explorer Vulnerability

Internet Explorer Vulnerability

VUIT Security Notice: New vulnerability found in Internet Explorer

Vanderbilt IT would like to bring the following information to the technical community’s attention, especially those who use Internet Explorer. A memory corruption vulnerability was found in versions 7 through 11 of Internet Explorer. This vulnerability could allow remote code execution if a user views a specially crafted webpage using this browser. An attacker who successfully exploits this vulnerability could gain the same user rights as the owner.

The security vulnerability has been identified as critical because it can be exploited remotely and can potentially allow the attacker to take control of the affected machine. In turn, this grants the attacker access to other systems within the network.

VUIT Security Operations will continue to monitor this vulnerability closely and has instituted detection capability for possible exploits of this vulnerability. In the meantime, VUIT recommends that users patch as soon as possible as this vulnerability is actively being exploited.

For more information, please contact VUIT Security Operations at vuit.incident.response@vanderbilt.edu.

Sources and References:
 https://technet.microsoft.com/library/security/MS15-093
https://isc.sans.edu/forums/diary/Microsoft+Security+Bulletin+MS15093+Critical+OOB+Internet+Explorer+RCE/20053/
 http://krebsonsecurity.com/2015/08/microsoft-pushes-emergency-patch-for-ie/