Intrusion Prevention

MS.IE.OLEAuto32.Remote.Code.Execution

Description

This indicates an attack attempt against a remote Code Execution vulnerability in Internet Explorer.
The vulnerability is caused by an uninitialized pointer in the structure for variant types. It can be exploited through a specially crafted web page using the "htmlfile" ActiveX object.

Affected Products

Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available from the following web site:
http://www.microsoft.com/technet/security/Bulletin/ms11-081.mspx

CVE References

CVE-2011-1995