Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)

  Severity: CRITICAL
  Advisory Date: SEP 30, 2015

  DESCRIPTION

Microsoft Internet Explorer is prone to a double free memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed attempts will likely cause a denial of service condition.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  PATCH: https://technet.microsoft.com/library/security/ms15-065

  Trend Micro Deep Security DPI Rule Number: 1006599

  AFFECTED SOFTWARE AND VERSION

  • Internet Explorer 6
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11