You are currently offline, waiting for your internet to reconnect

MS15-124: Vulnerability in Internet Explorer could lead to ASLR bypass: December 16, 2015

Summary
A security feature bypass for Internet Explorer exists as a result of how exceptions are handled when dispatching certain window messages, allowing an attacker to probe the layout of the address space and thereby bypassing Address Space Layout Randomization (ASLR). By itself, the ASLR bypass does not allow arbitrary code execution. However, an attacker could use this ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code on a target system. Successful exploitation of the ASLR bypass requires a user to be logged on and running an affected version of Internet Explorer. The user would then need to browse to a malicious site.

To learn more about this issue, see Microsoft Security Bulletin MS15-124.
How to get and install the update
To have us fix this problem for you, go to the "Here's an easy fix" section.

Note you must restart Internet Explorer after you apply this easy fix for the change to take effect.

Here's an easy fix

To fix this problem automatically, click the Download button. Then, in the File Download dialog box, click Run or Open, and follow the steps in the easy fix wizard.
  • This wizard may be in English only. However, the automatic fix also works for other language versions of Windows.
  • If you’re not on the computer that has the problem, you should save the easy fix solution to a flash drive or a CD and then run it on the computer that has the problem.
Enable the User32 exception handler hardening feature in Internet Explorer
Disable the User32 exception handler hardening feature in Internet Explorer
More information

How to get help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support


Properties

Article ID: 3125869 - Last Review: 12/17/2015 21:02:00 - Revision: 2.0

Internet Explorer 11, Internet Explorer 10, Windows Internet Explorer 9, Windows Internet Explorer 8, Windows Internet Explorer 7

  • atdownload kbbug kbexpertiseinter kbfix kbqfe kbsecbulletin kbsecurity kbsecvulnerability kbfixme KB3125869
Feedback
ml> >tyle="display: none; " src="https://c1.microsoft.com/c.gif?DI=4050&did=1&t=">ing = 1; var varCustomerTracking = 1; var Route = "76500"; var Ctrl = ""; document.write(" var varCustomerTracking = 1; var Route = "76500"; var Ctrl = ""; document.write("