MS11-038 - Critical: Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)

Discussion in 'Security Alerts' started by News, Jun 14, 2011.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,203
    Likes Received:
    20
    Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile (WMF) image. In all cases, however, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to convince users to visit a malicious Web site, typically by getting them to click a link in an e-mail message or Instant Messenger request.

    More...
     

Share This Page

Loading...