
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2012-0076
 
Title:  Public exploit code for Internet Explorer is now widely available [1]
 
Version history:
21.06.2012 Initial publication

Summary
=======
The vulnerability which was patched in MS12-037 as part of the June edition of Microsoft's Patch 
Tuesday is being exploited in the wild. [2]

CVE-2012-1875
CVSS v2 Base Score:9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) [4,5]

Vulnerable systems
==================
Microsoft Internet Explorer 8

Original Details
================
This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, and 
Internet Explorer 9 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, 
Internet Explorer 8, and Internet Explorer 9 on Windows servers. [3]

What can you do?
================
Fix is available via the Microsoft Security Bulletin MS12-037 [3]

What to tell your users?
========================
N/A

More information
================
[1] http://www.zdnet.com/blog/security/attack-code-published-for-critical-ie-flaw-patch-your-browser-
now/12493
[2] http://www.theregister.co.uk/2012/06/19/ie_exploit_goes_feral/
[3] http://technet.microsoft.com/en-us/security/bulletin/ms12-037
[4] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1875
[5] More information about CVSS is available at: http://www.first.org/cvss/cvss-guide.html


Best regards,

CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html


-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.39

iQJXBAEBAgBBBQJP5EHcOhxDRVJUIGZvciB0aGUgRXVyb3BlYW4gSW5zdGl0dXRp
b25zIDxjZXJ0LWV1QGVjLmV1cm9wYS5ldT4ACgkQJ6QGykasQ4N9vBAApqjfZMXO
cU6GjA+ZA9h1DhpPijdrFBK0I+LiqmHHFi9ZOr8+EeqvY1aJ43MsJHqVxJLQrD3b
Fk0pIKgQ9we7J62FoJwmnvBkc3ySICfGAoUAyL/a0t9LrW1DRKNq3GWEkQKOIcpc
sEIh/Bc9cyHgC1NtZ0sCxQxQwbWQk/4QFgua/ibJGkgqa0qINmLfKm3EUnACvio4
RydtUz9DA22CRVdpj4sZgSNmUPsQtbIRQEVW/MFjxfSh8iNzZWg8jNjMYmFsml6E
amxV08ludZBddfzW6p1UKomncKdazqN4jKfFLS5ix/40HOZ6pmkrVPwEm6UCs7kt
Bc5/lPSw/oZRZe5TMYhj5uKpFz/nUC6xEYprttyhprLDY7TwslRJBqpiOgvCm6jF
YjZpFkvNNbuXPZdL2QJMm2HjPz5Ab66FRVYLullgut9kgm5hmccagYinrEUj8Ptl
zI7m6xYMivHL9BZG8hXaS3tSAFIstSW080j+wrefJTjzM3fcXaHKL6vwo2nX4XbS
uSfH4JXhKcLXic9tbvoYkxxtvXLYfAhEU+/VWFVkLMHtrc32oN45xH/IgwIme2V9
XMEHAe6f3S9XAa3a28z0SL6daSGKZ9HLkski+SnEs+v7wiq3ee+HYOrQSgh8VEYv
JjfXzJVmNytJmTnF0Ob/82fW/KdRt3P4TAU=
=Z7Wt
-----END PGP SIGNATURE-----