MS12-046 - Important : Vulnerability in Visual Basic for Applications Could Allow Remote Code Execut

Discussion in 'Security Alerts' started by News, Jul 10, 2012.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,196
    Likes Received:
    20
    Severity Rating: Important
    Revision Note: V1.0 (July 10, 2012): Bulletin published.
    Summary: This security update resolves one publicly disclosed vulnerability in Microsoft Visual Basic for Applications. The vulnerability could allow remote code execution if a user opens a legitimate Microsoft Office file (such as a .docx file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    More...
     

Share This Page

Loading...