This critical security update resolves four privately reported vulnerabilities. The most serious security impact could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
The security update is rated moderate for Internet Explorer 6 and 7 on Windows Server 2003. For all other supported releases of Internet Explorer, this security update is rated critical. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles access to freed memory.
Recommendation. Microsoft recommends that customers apply the update immediately.
For more information about the vulnerability, please visit Microsoft TechNet.
For more information on protecting yourself online visit http://security.georgetown.edu.