MS11-027 - Critical : Cumulative Security Update of ActiveX Kill Bits (2508272) - Version: 1.1

Discussion in 'Security Alerts' started by News, Sep 8, 2011.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Severity Rating: Critical
    Revision Note: V1.1 (July 27, 2011): Added class identifiers for the Microsoft WMITools ActiveX Control described in this bulletin's vulnerability section for CVE-2010-3973. This is an informational change only. Customers who have already applied the "Prevent COM objects from running in Internet Explorer" workaround for this vulnerability should reapply this workaround with the additional class identifiers.
    Summary: This security update resolves two privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft software. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page that instantiates a specific ActiveX control with Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes kill bits for three third-party ActiveX controls.


Share This Page