Effects
MS10-002 is not categorized as a virus, worm, Trojan or backdoor. It is a group of critical vulnerabilities in Internet Explorer on Windows 7/2008/Vista/2003/XP/2000 computers, which allow arbitrary code to be remotely executed and information to be disclosed. The affected versions of Internet Explorer are 5.01, 6 SP1, 6, 7 and 8.
The addressed vulnerabilities are:
- XSS Filter Script Handling vulnerability: an XSS filter bypass vulnerability that occurs due to the way Internet Explorer 8 disables an HTML attribute in otherwise appropriately filtered HTTP response data.
- URL Validation vulnerability: a remote code execution vulnerability that occurs because, when Internet Explorer processes a specially crafted URL, the code called to validate the URL could execute a binary from the local client system.
- Uninitialized Memory Corruption vulnerability: this remote code execution vulnerability occurs due to the way Internet Explorer accesses an object which has not been correctly initialized or has been deleted.
- HTML Object Memory Corruption vulnerability: a remote code execution vulnerability that happens when Internet Explorer attempts to access memory that has not been correctly initialized.
If exploited successfully, MS10-002 allows hackers to gain remote control of the affected computer with the same privileges as the logged-on user and to disclose information.
All these vulnerabilities are usually exploited by creating a specially crafted web page and enticing users to access it. The link to the website can be distributed using several methods, such as email, instant messaging programs, etc.
If you have any of the vulnerable versions of Internet Explorer, it is recommended to download and apply the security patch for this vulnerability.
However, since this is a cumulative patch, make sure that you download the latest security patch available.