As part of the Cumulative Security Update for July 2012, Microsoft has released a crtical security update for Internet Explorer 9. The security update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.
The security update resolves two vulnerabilities in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the current user. Internet Explorer 9 users on Windows Vista, Windows 7, and Windows Server 2008 are affected with the issue. This security update is rated Critical for Internet Explorer 9 on Windows clients and Moderate for Internet Explorer 9 on Windows servers. The vulnerabilities addressed by this update do not affect Windows Server 2008 or Windows Server 2008 R2, when installed using the Server Core installation option. However, the update is available for the Windows 8 Consumer Preview and Windows Server 2012 Consumer Preview.
The Cumulative Security Update for Internet Explorer (2719177) will be available to all the customers who have automatic updating enabled. Customers who have not enabled automatic updating need to check for updates and install this update manually.