{"id":4699,"date":"2014-02-11T14:29:46","date_gmt":"2014-02-11T22:29:46","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=4699"},"modified":"2014-09-26T17:56:52","modified_gmt":"2014-09-27T00:56:52","slug":"palo-alto-networks-discovers-4-critical-internet-explorer-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2014\/02\/palo-alto-networks-discovers-4-critical-internet-explorer-vulnerabilities\/","title":{"rendered":"Palo Alto Networks Discovers 4 Critical Internet Explorer Vulnerabilities"},"content":{"rendered":"<p>Palo Alto Networks researcher Bo Qu has discovered 4 new critical Internet Explorer (IE) vulnerabilities covering versions 8, 9, 10, and the latest, Internet Explorer 11.<\/p>\n<p>Each of these discoveries allows full remote code execution using a memory corruption vulnerability in IE. They have been documented in Microsoft Security Bulletin\u00a0<a href=\"https:\/\/technet.microsoft.com\/en-us\/security\/bulletin\/ms14-010\" rel=\"nofollow,noopener\"  target=\"_blank\">MS14-010<\/a>\u00a0and part of the February 2013 <a href=\"http:\/\/technet.microsoft.com\/en-us\/security\/bulletin\/ms14-feb\" rel=\"nofollow,noopener\"  target=\"_blank\">Security Bulletin<\/a>.<\/p>\n<p>Details:<\/p>\n<p><!--more--><\/p>\n<ul>\n<li>Critical memory corruption vulnerability affecting Internet Explorer versions 8, 9 &amp; 10 (CVE-2014-0272)<\/li>\n<li>Critical memory corruption vulnerability affecting Internet Explorer versions 9, 10, 11 (CVE-2014-0273)<\/li>\n<li>Critical memory corruption vulnerability affecting Internet Explorer version 8 (CVE-2014-0278)<\/li>\n<li>Critical memory corruption vulnerability affecting Internet Explorer version 11 (CVE-2014-0290)<\/li>\n<\/ul>\n<p>Palo Alto Networks customers are protected from these vulnerabilities through our regular Vulnerability Protection updates, and we recommend Internet Explorer users upgrade to the latest patch from Microsoft.<\/p>\n<p>In our continuing commitment to the security research community, these vulnerabilities were disclosed to Microsoft through our participation in the\u00a0<a href=\"http:\/\/technet.microsoft.com\/en-us\/security\/dn467918\" rel=\"nofollow,noopener\"  target=\"_blank\">Microsoft Active Protections Program (MAPP)<\/a>\u00a0program, which ensures the timely, responsible disclosure of new vulnerabilities and creation of protections from security vendors.<\/p>\n<p>Bo Qu\u2019s recent published discoveries also include <a href=\"https:\/\/www.paloaltonetworks.com\/blog\/2013\/12\/palo-alto-networks-discovers-another-new-internet-explorer-vulnerability\/\" target=\"_blank\">an IE vulnerability in December 2013<\/a>, and <a href=\"https:\/\/www.paloaltonetworks.com\/blog\/2013\/11\/palo-alto-networks-finds-critical-vulnerabilities-latest-version-internet-explorer\/\" target=\"_blank\">three IE vulnerabilities in November 2013<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Palo Alto Networks researcher Bo Qu has discovered 4 new critical Internet Explorer (IE) vulnerabilities covering versions 8, 9, 10, and the latest, Internet Explorer 11. Each of these discoveries allows full &hellip;<\/p>\n","protected":false},"author":41,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[155,35],"tags":[241,239,240,46,775,325],"coauthors":[776],"class_list":["post-4699","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-2","category-threat-advisories-advisories","tag-bo-qu","tag-ie","tag-internet-explorer","tag-microsoft","tag-microsoft-security-bulletin","tag-vulnerability"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/4699","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=4699"}],"version-history":[{"count":2,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/4699\/revisions"}],"predecessor-version":[{"id":4701,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/4699\/revisions\/4701"}],"wp:attachment":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=4699"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=4699"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=4699"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=4699"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}