MS11-038 - Critical : Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490) -

Discussion in 'Security Alerts' started by News, Sep 8, 2011.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Severity Rating: Critical
    Revision Note: V1.0 (June 14, 2011): Bulletin published.
    Summary: This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile (WMF) image. In all cases, however, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to convince users to visit a malicious Web site, typically by getting them to click a link in an e-mail message or Instant Messenger request.


Share This Page