MS13-054 - Critical : Vulnerability in GDI+ Could Allow Remote Code Execution (2848295) -...


Extraordinary Robot
Severity Rating: Critical
Revision Note: V.1.1 (August 1, 2013): Bulletin revised to announce a detection change in the 2687276 update for Microsoft Office 2010. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action. In addition, bulletin revised to add update FAQs to help clarify the configurations to which the updates for Microsoft Office may apply.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows, Microsoft Office, Microsoft Lync, and Microsoft Visual Studio. The vulnerability could allow remote code execution if a user views shared content that embeds TrueType font files.

Continue reading...