Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.
Microsoft Internet Explorer contains a use-after-free error which can lead to memory corruption in such a way as to allow remote code execution in the context of the current user.
Apply the KB2846071 update for Internet Explorer.
Exploit works on Microsoft Internet Explorer 8 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).
JRE 6 must be installed on Windows 7.
The user must open the exploit in Internet Explorer 8.