Description: Microsoft has released a new cumulative patch for Internet Explorer. This fixes the Object Data vulnerability, which was inadequatedly addressed in MS03-32.
The Object Data vulnerability could be exploited to execute arbitrary code on a user's system through HTML documents such as emails and web pages.
Further information about the Object Data vulnerability: SA9580
The cumulative patch also changes some behaviour of DHTML, which in combination with other vulnerabilities or programs such as Windows Media Player could lead to execution of arbitrary code. This change does not seem to fix the problem completely as Microsoft still recommends users to upgrade Windows Media Player.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, using the Network Software Inspector.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.