MS13-022 - Critical : Vulnerability in Silverlight Could Allow Remote Code Execution (2814124) - Ver

Discussion in 'Security Alerts' started by News, Mar 12, 2013.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,189
    Likes Received:
    20
    Severity Rating: Critical
    Revision Note: V1.0 (March 12, 2013): Bulletin published.
    Summary: This security update resolves a privately reported vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if an attacker hosts a website that contains a specially crafted Silverlight application that could exploit this vulnerability and then convinces a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. Such websites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit a website. Instead, an attacker would have to convince users to visit a website, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker's website. It could also be possible to display specially crafted web content by using banner advertisements or by using other methods to deliver web content to affected systems.

    More...
     

Share This Page

Loading...