Oh Gosh! Four Zero Day Vulnerabilities Disclosed in Internet Explorer
Jul 24, 2015
How many Zero-Days do you think could hit Microsoft today? Neither one nor two; this times its Four. The Hewlett-Packard's Zero-Day Initiative (ZDI) has disclosed four new zero-day vulnerabilities in Microsoft's Internet Explorer browser that could be exploited to remotely execute malicious code on victim's machine. All the four zero-days originally were reported to Microsoft, affecting Internet Explorer on the desktop. However, later it was discovered that the zero-day vulnerabilities affected Internet Explorer Mobile on Windows Phones as well. Each of the four zero-day flaws affects different components of the browser, and all are remotely exploitable through typical drive-by attacks. Four Zero-day vulnerabilities Disclosed by ZDI Here are the zero-day vulnerabilities, as reported by ZDI: ZDI-15-359: AddRow Out-Of-Bounds Memory Access Vulnerability ZDI-15-360: Use-After-Free Remote Code Execution Vulnerability ZDI-15-361: Use-After-Free Rem...
