all InfoSec news
A Vulnerability in Microsoft MSHTML Could Allow for Remote Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center cisecurity.org
A vulnerability has been discovered in Microsoft MSHTML, which could allow for remote code execution. MSHTML (also known as Trident) is the engine used for Internet Explorer. It is also used by Microsoft Office applications for rendering web based content. Successful exploitation of this vulnerability could result in remote code execution in the context of the affected user. Depending on the privileges associated with the user, an attacker could view, change, or delete data.