CVE-2010-0249 is a critical remote code execution (RCE) vulnerability in Microsoft Internet Explorer. The flaw is caused by a memory corruption/use-after-free vulnerability in the way Internet Explorer handles certain HTML objects and cascading style sheets

When a user visits a specially crafted malicious webpage, Internet Explorer may improperly access freed memory, allowing attackers to execute arbitrary code on the victim’s system.

The vulnerability affects:

• Microsoft Internet Explorer 6, 7, and 8
• Supported Microsoft Windows systems at the time, including: · Windows XP
  · Windows Vista
  · Windows 7
  · Windows Server 2003/2008

Typical exploitation flow:

1. Malicious website preparation
- The attacker creates a webpage containing specially crafted HTML/CSS and JavaScript.

2. Victim lured to the site
- Delivery methods include:
* Phishing emails
* Instant messaging links
* Compromised legitimate websites

3. Memory corruption triggered
- Internet Explorer improperly handles specific objects and accesses invalid memory.

4. Use-after-free exploitation
- The attacker manipulates freed memory to redirect execution flow.

5. Remote code execution
- Malicious code runs with the privileges of the logged-in user.

CERTVU recommends the following:

Apply Microsoft Security Updates (Critical)