You are currently offline, waiting for your internet to reconnect

Microsoft Security Advisory: Vulnerability in Internet Explorer could allow remote code execution

Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.
INTRODUCTION
Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft Web site:
MORE INFORMATION
Two Fix it solutions are available:
  • Fix it solution for peer factory in iepeers.dll We have created an application compatibility database that will disable peer factory in the iepeers.dll binary for supported versions of Internet Explorer on Windows XP and Windows Server 2003.
    To install this application compatibility database, click the Fix it button in the "Fix it solution for peer factory in iepeers.dll" section.
  • Fix it solution for Data Execution Prevention We have created an application compatibility database that will enable Data Execution Prevention (DEP) for all versions of Internet Explorer that support DEP. You do not need this database if you are using Internet Explorer 8 on Windows XP Service Pack 3 (SP3) or on Windows Vista SP1 or later versions. This is because Internet Explorer 8 opts-in to DEP by default on these platforms.
    To install this application compatibility database, click the Fix it button in the "Fix it solution for Data Execution Prevention" section.
Fix it solution for peer factory in iepeers.dll
To apply the "Disable peer factory in iepeers.dll" automatically to supported versions of Windows XP and Windows Server 2003, click the Fix it button or link. Click Run in the File Download dialog box, and then follow the steps in the Fix it wizard.

To undo the fix and restore the original settings, click the Fix this problem link under the "Disable this fix" heading. Then, click Run in the File Download dialog box and follow the steps in the wizard.
Enable this fixDisable this fix

Notes
  • This wizard may be in English only. However, the automatic fix also works for other language versions of Windows.
  • If you are not on the computer that has the problem, you can save the automatic fix to a flash drive or to a CD, and then you can run it on the computer that has the problem.
Fix it solution for Data Execution Prevention
To enable or disable DEP automatically, click theFix itbutton or link. ClickRunin the File Downloaddialog box, and then follow the steps in the Fix it wizard.
Enable Application Compatibility DatabaseDisable Application Compatibility Database
Notes
  • These wizards may be in English only. However, the automatic fixes also work for other language versions of Windows.
  • If you are not on the computer that has the problem, save the Fix it solutions to a flash drive or a CD and then run it on the computer that has the problem.
  • These wizards do not apply to Windows 2000-based operating systems because Windows 2000 does not support DEP.
  • For this workaround to be effective, your processor must support Hardware-enforced DEP. For more information about how to determine whether your system supports Hardware-enforced DEP click the following article number to view the article in the Microsoft Knowledge Base:
    912923How to determine that hardware DEP is available and configured on your computer
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000
Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.
Properties

Article ID: 981374 - Last Review: 06/08/2011 19:15:00 - Revision: 4.1

Windows Internet Explorer 7, Microsoft Internet Explorer 6.0

  • kbexpertiseinter kbinfo kbsecadvisory kbsecurity kbsecvulnerability kbmsifixme kbfixme kbsurveynew KB981374
Feedback