MS11-076 - Important : Vulnerability in Windows Media Center Could Allow Remote Code Execution...

News

Extraordinary Robot
News Feed
#1
Severity Rating: Important
Revision Note: V1.1 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2579686 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves a publicly disclosed vulnerability in Windows Media Center. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Media Center could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file.

Continue reading...
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.