MS13-002 - Critical : Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code...

Discussion in 'Security Alerts' started by News, Dec 16, 2013.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,215
    Likes Received:
    20
    Severity Rating: Critical
    Revision Note: V1.2 (December 16, 2013): Revised bulletin to announce a detection change to correct an offering issue for Windows RT (2757638). This is a detection change only. There were no changes to the update files. Customers who have successfully installed the update do not need to take any action.
    Summary: This security update resolves two privately reported vulnerabilities in Microsoft XML Core Services. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker's website.

    Continue reading...
     

Share This Page

Loading...