ms13-015

The ms13-015 tag covers the Microsoft security bulletin MS13-015, which addresses a critical vulnerability in the .NET Framework. This security update resolves a privately reported vulnerability that could allow elevation of privilege if a user views a specially crafted webpage using a browser that can run XAML Browser Applications (XBAPs). The vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. Successful exploitation could grant an attacker the same user rights as the current user, with users having fewer rights being less impacted. The update is rated Important and was published on February 12, 2013.