MS13-045 - Important : Vulnerability in Windows Essentials Could Allow Information Disclosure (28137

News

Extraordinary Robot
Robot
Joined
Jun 27, 2006
Messages
23,048
Severity Rating: Important
Revision Note: V1.0 (May 14, 2013): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Windows Writer. The vulnerability could allow information disclosure if a user opens Writer using a specially crafted URL. An attacker who successfully exploited the vulnerability could override Windows Writer proxy settings and overwrite files accessible to the user on the target system. In a web-based attack scenario, a website could contain a specially crafted link that is used to exploit this vulnerability. An attacker would have to convince users to visit the website and open the specially crafted link.

More...
 


Back
Top