MS12-066 - Important : Vulnerability in HTML Sanitization Component Could Allow Elevation of...

Discussion in 'Security Alerts' started by News, Jan 15, 2014.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,216
    Likes Received:
    20
    Severity Rating: Important
    Revision Note: V1.4 (January 15, 2014): Bulletin revised to announce a detection change in update 2687356 (a.k.a. 2687442). This is a detection change only. Customers who have already successfully updated their systems do not need to take any action. Note that update 2687356 is offered through Microsoft Update as update 2687442.
    Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Office, Microsoft Communications Platforms, Microsoft Server software, and Microsoft Office Web Apps. The vulnerability could allow elevation of privilege if an attacker sends specially crafted content to a user. clicks a specially crafted URL that takes the user to a targeted SharePoint site.

    Continue reading...
     

Share This Page

Loading...