|MS11-057||Cumulative Security Update for Internet Explorer (2559049)||Internet Explorer||Critical||10-08-2011|
Brief overview of the risk:
This security update resolves five privately reported vulnerabilities and two publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer.
Detailed Information on the risk:
An information disclosure vulnerability exists in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page and performed a drag-and-drop operation. An attacker who successfully exploited this vulnerability could gain access to cookie files stored in the local machine.
Further information on this exploit is available at : MS11-057
Affected SoftwareInternet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9