MS11-025 - Important : Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote

Discussion in 'Security Alerts' started by News, May 10, 2012.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Severity Rating: Important
    Revision Note: V4.3 (March 13, 2012): Added an entry to the update FAQ to announce a detection change for KB2565063 and KB2565057 to correct an installation issue. This is a detection change only. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action.
    Summary: This security update resolves a publicly disclosed vulnerability in certain applications built using the Microsoft Foundation Class (MFC) Library. The vulnerability could allow remote code execution if a user opens a legitimate file associated with such an affected application, and the file is located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by the affected application.


Share This Page