Microsoft has published a Security Advisory ("Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution") that discloses a new critical vulnerability in Microsoft XML Core Services (CVE-2012-1889) affecting Internet Explorer, Office 2003 and Office 2007.
Complete information from Microsoft is available at http://technet.microsoft.com/en-us/security/advisory/2719615.
In response to this advisory, Palo Alto Networks has released an emergency content update (version 314) that provides detection of attempted exploitation of the vulnerability described in this advisory.
The following signatures have been added to detect exploitation of this vulnerability:
|Severity||ID||Attack Name||CVE ID|
|critical||34840||Microsoft Internet Explorer Memory Corruption Vulnerability||CVE-2012-1889|
Palo Alto Networks customers with a Threat Prevention subscription are advised to verify that they are running the latest content version on their devices. If you have any questions about coverage for this advisory, please contact Support.
6/14/12 -- Advisory posted