Microsoft Security Advisory: Vulnerability in Internet Explorer could allow remote code execution

Article translations Article translations
Article ID: 2488013 - View products that this article applies to.
Expand all | Collapse all

On This Page

INTRODUCTION

Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft website:
http://www.microsoft.com/technet/security/advisory/2488013.mspx

To have us fix this problem for you, go to the "Fix it for me" section.

Fix it for me

The Fix it solution that is described in this section is not intended to be a replacement for any security update. We recommend that you always install the latest security updates. However, we offer this Fix it solution as a workaround option for some scenarios.

For more information about this workaround, visit the following Microsoft Security Advisory webpage:
http://www.microsoft.com/technet/security/advisory/2488013.mspx
The advisory provides more information about the issue and includes the following:
  • The scenarios in which you might apply or disable the workaround
  • Mitigating factors
  • Workarounds
  • FAQ
Specifically, to see this information, look for the "Mitigating Factors and Suggested Actions" heading, and then expand the "Workaround" section.

Fix it solution for recursive cascading style sheets

This Fix it solution adds a check to check whether a cascading style sheet is about to be loaded recursively. If this is the case, the Fix it solution cancels the loading of the cascading style sheet. This Fix it solution takes advantage of a feature that is typically used for application compatibility fixes. This feature can modify the instructions of a specific binary when it is loaded. For more information about Custom Fix Databases, visit the following Microsoft websites: To enable or disable this Fix it solution, click the Fix it button or link under the Enable heading or under the Disable heading. Click Run in the File Download dialog box, and then follow the steps in the Fix it Wizard.
Collapse this tableExpand this table
EnableDisable
Fix this problem
Microsoft Fix it 50591
Fix this problem
Microsoft Fix it 50592

Known issues

  • The Fix it solution may cause some slight performance issues because of the increased checking that is required to block the loading of the CSS files.

Notes

  • This Fix it solution was updated February 01, 2011, to allow the LocalSystem account to install the Fix it solution.
  • Prior to 10:30 PM Pacific Time, 1/11/2011, the Fixit links on this page incorrectly pointed to the Fixit for KB2490606. If you installed the Fixit from this page prior to that time, you should install the Fixit using the current link in this article.
  • These wizards may be in English only. However, the automatic fixes also work for other language versions of Windows.
  • If you are not on the computer that has the problem, you can save the automatic fix to a flash drive or to a CD, and then you can run it on the computer that has the problem.
  • To use this Fix it solution, you must have security update 2416400 installed. Security update 2416400 was released on December 14, 2010 and is described in MSRC bulletin MS10-090.
  • This Fix it solution must be manually uninstalled before you apply a future Cumulative Security Update for Internet Explorer that contains a software fix for this vulnerability.

Properties

Article ID: 2488013 - Last Review: June 21, 2014 - Revision: 5.0
Applies to
  • Windows Internet Explorer 7
  • Windows Internet Explorer 8
Keywords: 
kbexpertiseinter kbinfo kbsecadvisory kbsecurity kbsecvulnerability kbmsifixme kbfixme KB2488013

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com