You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
security context
About this tag
The security context tag on WindowsForum.com covers discussions about vulnerabilities in Microsoft software where an attacker can execute code or perform actions within the security context of a logged-on user or an active session. Topics include the Windows Graphics Rendering Engine vulnerability (Security Advisory 2490606) that could allow remote code execution with the user's privileges, and an Outlook Web Access vulnerability (Security Advisory 2401593) that could enable session hijacking within the security context of the active OWA session. These threads focus on security advisories, workarounds, and the impact of such flaws on user accounts and system integrity.
Revision Note: V1.2 (January 19, 2011): Clarified that the Modify the Access Control List (ACL) on shimgvw.dll workaround only applies to Windows XP and Windows Server 2003 systems and added a new workaround, Disable viewing of thumbnails in Windows Explorer on Windows Vista and Windows Server...
access control
account management
admin rights
advisory
arbitrary code
data security
exploitation
graphics
microsoft
remote access
rendering
securitysecuritycontext
thumbnails
user rights
vulnerability
windows server
windows vista
windows xp
workaround
Revision Note: V1.0 (September 14, 2010): Advisory published.Summary: Microsoft has completed the investigation of a publicly disclosed vulnerability in Outlook Web Access (OWA) that may affect Microsoft Exchange customers. An attacker who successfully exploited this vulnerability could hijack...