|Check Point Reference:||CPAI-2012-256|
|Date Published:||12 Jun 2012|
|Last Updated:||12 Jul 2018|
|Protection Provided by:||
|Who is Vulnerable?|
|Vulnerability Description||A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object that has been deleted. A remote attacker could trigger this vulnerability by enticing an unsuspecting victim to open a specially crafted web page. Successful exploitation may cause a memory corruption in a way that will allow an attacker to execute arbitrary code on an affected system, in the security context of the logged on user.|
This protection will detect and block attempts to open a malicious web page.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update.For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Web Client Enforcement Violation.
Attack Information: Internet Explorer Title Element Change Remote Code Execution (MS12-037)