MS12-027 - Critical : Vulnerability in Windows Common Controls Could Allow Remote Code Execution (26

Discussion in 'Security Alerts' started by News, Apr 10, 2012.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,189
    Likes Received:
    20
    Severity Rating: Critical
    Revision Note: V1.0 (April 10, 2012): Bulletin published.
    Summary: This security update resolves a privately disclosed vulnerability in Windows common controls. The vulnerability could allow remote code execution if a user visits a website containing specially crafted content designed to exploit the vulnerability. In all cases, however, an attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website. The malicious file could be sent as an email attachment as well, but the attacker would have to convince the user to open the attachment in order to exploit the vulnerability.

    More...
     

Share This Page

Loading...