• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer URI Validation Remote Code Execution Vulnerability

Solution:
The vendor has released an advisory along with fixes. Please see the references for details.


Microsoft Internet Explorer 8

• Microsoft Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=7d480c87-2ca9 -4505-a59d-a6d73d001fa5


• Microsoft Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=3e2e740b-8417 -4758-8468-15221249ec71


• Microsoft Cumulative Security Update for Internet Explorer 8 for Windows XP (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=7c2948fb-f486 -4801-bc21-bbf40d5a78c2


• Microsoft Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=41b83fad-948b -4a9c-80ed-9c5a60bd35b4


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows 7 (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=278443c1-15dc -436b-893b-ffea6d29d16d


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows 7 x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=a584cd0f-2e05 -4e36-8858-0ffead637162


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=f5ce8582-af63 -4870-bee3-0abeeefa1458


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 R2 for Itanium-based Syste
  http://www.microsoft.com/downloads/details.aspx?familyid=9d137bab-8312 -4240-af74-c65ba652fde0


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 R2 x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=d3386793-a594 -4bc5-8308-28b561d43087


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=be11981c-d286 -4e3c-94bf-d4e67a975d5a


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=5e2cbd7d-f64f -49e5-a159-1965ebfe2a92


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?familyid=b7a7e8e7-f4c5 -459d-ab6c-05a192e1e3f9

Microsoft Windows XP Tablet PC Edition SP2

• Microsoft Security Update for Windows XP (KB975713)
  http://www.microsoft.com/downloads/details.aspx?familyid=b8e7bf17-a037 -4200-9ae2-2280b19766a4

Microsoft Windows XP Media Center Edition SP3

• Microsoft Security Update for Windows XP (KB975713)
  http://www.microsoft.com/downloads/details.aspx?familyid=b8e7bf17-a037 -4200-9ae2-2280b19766a4

Microsoft Windows Server 2003 Web Edition SP2

• Microsoft Security Update for Windows Server 2003 (KB975713)
  http://www.microsoft.com/downloads/details.aspx?familyid=5cb2e203-18fb -4887-a1c9-289d86b8ba11

Microsoft Windows XP Professional x64 Edition SP2

• Microsoft Security Update for Windows XP x64 Edition (KB975713)
  http://www.microsoft.com/downloads/details.aspx?familyid=b8d83f30-9cd7 -4d6b-b2b9-65d0a483cb9c

Microsoft Internet Explorer 7.0

• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB978207)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=14726445-3ff4 -463c-9fc1-c9b758079aca


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 64-bit Itanium Edition (K
  http://www.microsoft.com/downloads/details.aspx?FamilyID=5622f223-df9c -4a6a-bdf0-feebaf9920fd


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=c8742230-16d8 -4b2f-bd3e-8834c759856b


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP (KB978207)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=3510c7d8-7e8f -479e-b6f9-5745a845664d


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=cc5aea0b-e553 -4f7f-a2cc-cba41bb87ae7


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB978207)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=8c4c91ec-1b2b -4176-bd77-45245b590329


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?FamilyID=9395547f-b620 -4cbd-9ff5-11b76cd73859


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=4f9975b8-3f91 -4116-9200-ef55ece75854


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB978207)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=92495551-dedd -43d4-bb3a-51028bc5c6d6


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB978207)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=3cb139b3-59f4 -44ef-9911-4dd4e3b83e7d

Microsoft Windows 2000 Advanced Server SP4

• Microsoft Security Update for Windows 2000 (KB975713)
  http://www.microsoft.com/downloads/details.aspx?familyid=92234237-a8eb -4ce4-bc5e-cd86feb7dbd3

Microsoft Windows Server 2003 Standard Edition SP2

• Microsoft Security Update for Windows Server 2003 (KB975713)
  http://www.microsoft.com/downloads/details.aspx?familyid=5cb2e203-18fb -4887-a1c9-289d86b8ba11

Microsoft Windows Server 2003 Itanium SP2

• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB975713)
  http://www.microsoft.com/downloads/details.aspx?familyid=d695ca9f-a1db -4c0f-94b6-7112861c28da

Microsoft Windows 2000 Professional SP4

• Microsoft Security Update for Windows 2000 (KB975713)
  http://www.microsoft.com/downloads/details.aspx?familyid=92234237-a8eb -4ce4-bc5e-cd86feb7dbd3

Microsoft Windows XP Media Center Edition SP2

• Microsoft Security Update for Windows XP (KB975713)
  http://www.microsoft.com/downloads/details.aspx?familyid=b8e7bf17-a037 -4200-9ae2-2280b19766a4