Cumulative Security Update for Internet Explorer
Description: This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles scripts and cached content and initializes memory.
Update type: Critical
Release date: June 9, 2009
Applies to: All versions
Knowledge base: http://support.microsoft.com/kb/969897
- Race Condition Cross-Domain Information Disclosure Vulnerability – CVE-2007-3091
- Cross-Domain Information Disclosure Vulnerability – CVE-2009-1140
- DHTML Object Memory Corruption Vulnerability – CVE-2009-1141
- HTML Object Memory Corruption Vulnerability – CVE-2009-1528
- Uninitialized Memory Corruption Vulnerability – CVE-2009-1529
- HTML Objects Memory Corruption Vulnerability – CVE-2009-1530
- HTML Object Memory Corruption Vulnerability – CVE-2009-1531
- HTML Object Memory Corruption Vulnerability – CVE-2009-1532
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB969897.