MS10-097 - Important: Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remo

News

Extraordinary Robot
Robot
Joined
Jun 27, 2006
Messages
23,048
Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in the Internet Connection Signup Wizard of Microsoft Windows. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. The vulnerability could allow remote code execution if a user opens a .ins or .isp file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.

Link Removed due to 404 Error
 


Back
Top