Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2502)

  Severity: CRITICAL
  CVE Identifier: CVE-2015-2502
  Advisory Date: AUG 18, 2015

  DESCRIPTION

This vulnerability exists in several versions of the Windows browser Internet Explorer. The vulnerability lies in the way Internet Explorer accesses objects in memory. Attackers could exploit this vulnerability and allow remote code execution on the vulnerable machine. Attackers looking to take advantage of this vulnerability lures potential victims to click on malicious links in instant messages, email messages, and the like.

Affected versions of Internet Explorer are versions 7 to 11, installed in Windows operating systems from Windows Vista to Windows 10.

  TREND MICRO PROTECTION INFORMATION

Vulnerability Protection in Trend Micro Deep Security protects user systems from threats that may leverage this vulnerability with the following DPI rule:

  • 1006957 - Microsoft Internet Explorer Arbitrary Remote Code Execution Vulnerability

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Internet Explorer 8
  • Internet Explorer 7
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11

Featured Stories