9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
Microsoft has released Security Advisory 2887505 regarding a remote code execution vulnerability (CVE-2013-3893) impacting Internet Explorer versions 6 through 11. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Internet Explorer 8 and Internet Explorer 9. The Microsoft Fix it solution, βCVE-2013-3893 MSHTML Shim Workaround,β prevents exploitation of this issue.
US-CERT encourages administrators to review Microsoft Security Advisory 2887505 and Knowledge Base article 2887505 and follow best practice security policies to determine which updates should be applied.
This product is provided subject to this Notification and this Privacy & Use policy.
Please share your thoughts.
We recently updated our anonymous product survey; weβd welcome your feedback.