MS11-038 - Critical: Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490) - V

Discussion in 'Security Alerts' started by News, Jun 14, 2011.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Severity Rating: Critical - Revision Note: V1.0 (June 14, 2011): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile (WMF) image. In all cases, however, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to convince users to visit a malicious Web site, typically by getting them to click a link in an e-mail message or Instant Messenger request.


Share This Page