北京赛克艾威科技有限公司 2024-07-23
Microsoft Internet Explorer contains a use\-after\-free vulnerability that allows a remote attacker to execute arbitrary code via a crafted web site that triggers access to an object that \(1\) was not properly allocated or \(2\) is deleted, as demonstrated by a CDwnBindInfo object.
The impacted product is end-of-life and should be disconnected if still in use.
https://learn.microsoft.com/en-us/lifecycle/products/internet-explorer-11
https://www.cisa.gov/known-exploited-vulnerabilities-catalog