The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted web page that is accessed by Internet Explorer, as exploited in the wild in November 2013, aka "InformationCardSigninHelper Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows rt 8.1 - |
||
microsoft windows server 2008 r2 |
||
microsoft windows 7 |
||
microsoft windows 8 - |
||
microsoft windows rt - |
||
microsoft windows server 2008 sp2 |
||
microsoft windows server 2003 - |
||
microsoft windows server 2012 - |
||
microsoft windows xp - |
||
microsoft windows server 2012 r2 |
||
microsoft windows 8.1 - |
||
microsoft windows vista - |
Microsoft’s November 2013 Patch Tuesday delivers a set of three critical Bulletins and five Bulletins rated “important”. This month’s MS13-088 patches eight critical vulnerabilities and two important vulnerabilities in Internet Explorer. Overall, Microsoft is addressing 19 issues in Internet Explorer, Office and Windows itself. The star of the show is MS13-090 which addresses CVE-2013-3918, an ActiveX vulnerability being attacked through Internet Explorer, revealed on the 8th by the guys...
Patch Tuesday offers balm for latest cyber-blight
An unpatched flaw in Internet Explorer that become the topic of a high-profile warning over the weekend will be patched later on Tuesday, Microsoft promises. The CVE-2013-3918 vulnerability, affecting an Internet Explorer ActiveX Control, shipped up in active attacks detected by net security firm FireEye, sparking a high-profile warning. The flaw has already been abused in a variety of attacks by a group linked to the Operation DeputyDog assaults against targets in Japan and China. However by a ...