Microsoft Internet Explorer Use-After-Free Vulnerability Guidance

Original release date: April 28, 2014

US-CERT is aware of active exploitation of a use-after-free vulnerability in Microsoft Internet Explorer. This vulnerability affects IE versions 6 through 11 and could allow unauthorized remote code execution.

US-CERT recommends that users and administrators review Microsoft Security Advisory 2963983 for mitigation actions and workarounds. Those who cannot follow Microsoft's recommendations, such as Windows XP users, may consider employing an alternate browser.

For more details, please see VU#222929.

This product is provided subject to this Notification and this Privacy & Use policy.