فا

‫ Microsoft Windows OLE Object Handling Arbitrary Code Execution Vulnerability

ID: IRCAD2014103568
Release Date: 2014-10-15
Criticality level: Highly critical
Software:
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows RT
Microsoft Windows RT 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Vista
Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error when handling OLE objects embedded within Microsoft Office files and can be exploited to execute arbitrary code.
Note: Reportedly, this vulnerability is currently being exploited in limited, targeted attacks.
Solution
Apply update.
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8 and Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
References:
MS14-060 (KB3000869):
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 27 مهر 1393

امتیاز

امتیاز شما
تعداد امتیازها: 0