After analyzing the leaked data from last week's attack on Hacking Team, Vectra researchers discovered a previously unknown high severity vulnerability in Internet Explorer 11, which impacts the browser on both Windows 7 and Windows 8.1. The vulnerability is an exploitable use-after-free (UAF) vulnerability that occurs within a custom heap in JSCRIPT9. Since it exists within a custom heap, it can allow an attacker to bypass protections found in standard memory. Microsoft has published a patch for this vulnerability, and also patched another one pulled from the Hacking Team files by different security researchers.

http://tech.slashdot.org/story/15/07...ng-team-breach