VERT Alert - September 11, 2012

September 11, 2012 11:20 AM (PT)

The Tripwire VERT Alert is brought to you by Tripwire VERT, Tripwire 's research team. VERT Alerts are distributed for Microsoft Patch Tuesday and for significant security threats.

Today's VERT Alert addresses an Out-of-Band Microsoft Security Bulletin. VERT is actively working on coverage for this bulletin in order to meet our 24-hour SLA and expects to ship ASPL-477 on Saturday, September 22nd.

OnMove Use After Free Vulnerability CVE-2012-1529
Event Listener Use After Free Vulnerability CVE-2012-2546
Layout Use After Free Vulnerability CVE-2012-2548
cloneNode Use After Free Vulnerability CVE-2012-2557
execCommand User After Free Vulnerability CVE-2012-4969


The single patch released today addresses the much talked about IE 0-day, along with four other vulnerabilities. The 0-day (CVE-2012-4969) has already been exploited in the wild, so it is advisable to apply this patch as soon as possible. Keep in mind that Internet Explorer 6 through 9 are affected by this issue, so it is likely that all Windows systems in your environment are affected.


As always VERT recommends that you apply all the patches as soon as possible but also that you fully vet patches (when possible) before applying them to production systems.


Ease of Use (published exploits) to Risk Table:


Automated Exploit
Extremely Difficult
No Known Exploit
Local Availability
Remote Availability
Remote Access
Local Privileged
Remote Privileged


All data and commentary is based on information available when the VERT Alert is published.