Severity Rating: Important
Revision Note: V1.2 (April 27, 2011): Corrected the severity table and vulnerability section to add CVE-2010-4701 as a vulnerability addressed by this update. This is an informational change only.
Summary: This security update resolves two publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opened a specially crafted fax cover page file (.cov) using the Windows Fax Cover Page Editor. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
More...
Revision Note: V1.2 (April 27, 2011): Corrected the severity table and vulnerability section to add CVE-2010-4701 as a vulnerability addressed by this update. This is an informational change only.
Summary: This security update resolves two publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opened a specially crafted fax cover page file (.cov) using the Windows Fax Cover Page Editor. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
More...
