Mark Yason

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 6 through 10 **Description** The issue allows local users to bypass the elevation policy check in the Protected Mode or Enhanced Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code. **Recommendations** For Microsoft Internet Explorer versions 6 through 10, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apple QuickTime versions prior to 7.7.3 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted REGION record in a PICT file. This can lead to an application crash. **Recommendations** For versions prior to 7.7.3, update to version 7.7.3 or later to resolve the issue.