关键漏洞信息 Affected Systems Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Overview Unpatched use-after-free vulnerability in Internet Explorer versions 6, 7, 8, and 9 is being exploited in the wild. No patch available at the time of the alert. Impact Remote, unauthenticated attacker could: - Execute arbitrary code - Cause a denial of service - Gain unauthorized access to files or system Solution Read Microsoft Security Advisory 2757760 and apply mitigation techniques. Use Microsoft Enhanced Mitigation Experience Toolkit for additional mitigation. References Microsoft Security Advisory (2757760) MSRC Blog: Microsoft Releases Security Advisory 2757760 Download Microsoft EMET 3.0 US-CERT Vulnerability Note VU#480095 Revisions September 18, 2012: Initial release September 19, 2012: Updated Alert Code TA12-262A