1. Home
  2. System Utilities
  3. CVE-2012-1889
C

CVE-2012-1889

Microsoft  ❘ Freeware
Windows
Latest Version
 
This is a fix for Microsoft Security Advisory (2719615):

Microsoft is aware of active attacks that leverage a vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website. The vulnerability affects all supported releases of Microsoft Windows, and all supported editions of Microsoft Office 2003 and Microsoft Office 2007.

The vulnerability exists when MSXML attempts to access an object in memory that has not been initialized, which may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

Overview

CVE-2012-1889 is a Freeware software in the category System Utilities developed by Microsoft.

The latest version of CVE-2012-1889 is currently unknown. It was initially added to our database on 06/25/2012.

CVE-2012-1889 runs on the following operating systems: Windows.

CVE-2012-1889 has not been rated by our users yet.

Pros

  • Microsoft takes security vulnerabilities seriously and regularly releases patches and updates to address them.

Cons

  • CVE-2012-1889 is a specific security vulnerability that affects Microsoft software, indicating a potential weakness in their products.
  • It may require users to manually download and install the necessary patch or update to protect against this particular vulnerability.

FAQ

What is CVE-2012-1889?

CVE-2012-1889 is a vulnerability in Internet Explorer (IE) that allows remote attackers to execute arbitrary code or cause a denial of service (DoS) attack via a crafted web page.

Which versions of Internet Explorer (IE) are affected by CVE-2012-1889?

CVE-2012-1889 affects all versions of IE, from IE6 to IE9, on Windows XP, Vista, and 7.

How can I protect myself from CVE-2012-1889?

You can protect yourself by installing the security update provided by Microsoft. Additionally, you can use a different web browser, such as Google Chrome or Mozilla Firefox, until the security update is installed.

How does CVE-2012-1889 work?

CVE-2012-1889 works by exploiting a use-after-free vulnerability in IE's handling of certain objects in memory. Attackers can create a specially-crafted web page that triggers this vulnerability and allows them to execute arbitrary code or cause a DoS attack.

Has Microsoft released a security update for CVE-2012-1889?

Yes, Microsoft released a security update for CVE-2012-1889 on June 12, 2012 as part of its monthly Patch Tuesday updates.

What should I do if I think my computer has been attacked using CVE-2012-1889?

You should run a full scan of your computer using an up-to-date antivirus software and anti-malware software. You should also install the security update provided by Microsoft and ensure that your web browser is up-to-date.

Are there any known exploits in the wild for CVE-2012-1889?

Yes, there were known exploits in the wild for CVE-2012-1889 before Microsoft released the security update. This vulnerability was actively exploited by the Poison Ivy Trojan, among others.

What is the severity rating of CVE-2012-1889?

CVE-2012-1889 has a base score of 9.3 out of 10 on the Common Vulnerability Scoring System (CVSS), indicating a high severity level.

What is the Common Vulnerability Scoring System (CVSS)?

The Common Vulnerability Scoring System (CVSS) is a standardized system used to assess and communicate the severity of vulnerabilities in software systems.

What should I do if I am unable to install the security update provided by Microsoft?

If you are unable to install the security update provided by Microsoft, you can consider using Microsoft's Enhanced Mitigation Experience Toolkit (EMET) to provide additional protection against CVE-2012-1889. However, you should still try to install the security update as soon as possible.

Latest Version
 
Secure and free downloads checked by UpdateStar
Stay up-to-date
with UpdateStar freeware.

Latest Reviews

C Caneco BT 2017 Country Pack FR
Caneco BT 2017 Country Pack FR Review: Tailored Power Solutions
Caneco BT Application files Caneco BT Application files
Streamline Your Electrical Design Process with Caneco BT
V Visioneer Acuity Assets
Streamline Your Document Management with Visioneer Acuity Assets
V Visioneer OCR FineReader Module
Transform Your Scanning with Visioneer's OCR FineReader Module
JC-WebClient JC-WebClient
Streamline Your Web Interactions with JC-WebClient
D Dying Light Stay Human
Survive the Night in an Unforgiving World

Most Popular Downloads

UpdateStar Premium Edition UpdateStar Premium Edition
Keeping Your Software Updated Has Never Been Easier with UpdateStar Premium Edition!
Microsoft Visual C++ 2015 Redistributable Package Microsoft Visual C++ 2015 Redistributable Package
Boost your system performance with Microsoft Visual C++ 2015 Redistributable Package!
Microsoft Edge Microsoft Edge
A New Standard in Web Browsing
Google Chrome Google Chrome
Fast and Versatile Web Browser
Microsoft Visual C++ 2010 Redistributable Microsoft Visual C++ 2010 Redistributable
Essential Component for Running Visual C++ Applications
Microsoft Update Health Tools Microsoft Update Health Tools
Microsoft Update Health Tools: Ensure Your System is Always Up-to-Date!
View more »

Browse

UpdateStar
Never miss an update for CVE-2012-1889 again with UpdateStar
Current Newsletter

Latest Updates

S

Saw Master 0.3

This experience offers a unique twist on the traditional Hide and Seek game, with players concealed in a variety of inventive locations. Participants may hide in closets, bathtubs, or freely move around the environment.
E

Exambook: Exam Preparation App 3.7

ExamBook is an educational application designed to facilitate comprehensive preparation for a wide range of competitive exams through mock tests, quizzes, and updated job alerts.
B

BOEF 1.2.7

This game presents an engaging RPG experience centered around the development of your own character through various illicit activities, such as theft and drug dealing.
R

RaptorGamer 24.8

This channel caught my attention; interesting, isn't it? 7u7 I am #RaptorGamer. On this channel, we are friendly and passionate about creating content driven by genuine interest. Our focus includes video games, travel, and otaku culture.
P

Probability and Statistics 1.8

The resource offers a comprehensive introduction to probability and statistics, focusing on essential concepts, definitions, and practical applications.
G

GCSE Combined Science 8.4.e

This comprehensive resource provides GCSE Integrated Science (Combined Science) notes, experiments, multiple choice questions, and flash-cards designed to support students preparing for O level and GCSE-equivalent examinations.
All Latest Updates

Latest News

PicPick 7.4.0 available for download

PicPick 7.4.0 available for download

Try a free UpdateStar Pack to get a basic software setup for Windows

Try a free UpdateStar Pack to get a basic software setup for Windows

Google Chrome 137.0.7151.119 / .120 with 3 security fixes and Extended Stable 136.0.7103.177

Google Chrome 137.0.7151.119 / .120 with 3 security fixes and Extended Stable 136.0.7103.177

VPN Trends in 2025: Advanced Privacy Features and Decentralization

VPN Trends in 2025: Advanced Privacy Features and Decentralization

Fun Fact: There Is Always One Security Vendor Who Thinks UpdateStar.com Is Suspicious

Fun Fact: There Is Always One Security Vendor Who Thinks UpdateStar.com Is Suspicious

Microsoft Edge 137.0.3296.62 available

Microsoft Edge 137.0.3296.62 available

More News