MS12-060 - Critical : Vulnerability in Windows Common Controls Could Allow Remote Code Execution (27

System

System

Staff member
May 19, 2012
In the Machine
Severity Rating: Critical
Revision Note: V2.0 (December 11, 2012): Rereleased bulletin to replace the KB2687323 update with the KB2726929 update for Windows common controls on all affected variants of Microsoft Office 2003, Microsoft Office 2003 Web Components, and Microsoft SQL Server 2005. See the update FAQ for details.
Summary: This security update resolves a privately reported vulnerability in Windows common controls. The vulnerability could allow remote code execution if a user visits a website containing specially crafted content designed to exploit the vulnerability. In all cases, however, an attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website. The malicious file could be sent as an email attachment as well, but the attacker would have to convince the user to open the attachment in order to exploit the vulnerability.

View this security bulletin
 
You must log in or register to reply here.

Similar threads

M
CVE-2024-43488 Visual Studio Code extension for Arduino Remote Code Execution Vulnerability
Replies
0
Views
16
MSRC Security Update
M
M
CVE-2024-43491 Microsoft Windows Update Remote Code Execution Vulnerability
Replies
0
Views
27
MSRC Security Update
M
P
MS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution
Replies
0
Views
637
PraveenKumar_1999
P
H
How to fix MS13-002: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)
Replies
0
Views
2K
Harry_henry
H
Server Man
Changes to Ticket-Granting Ticket (TGT) Delegation Across Trusts in Windows Server (AskPFEPlat edition)
Replies
0
Views
653
Server Man
Server Man
Back
Top Bottom