Customers who have not enabled automatic updating need to check for updates and install this update manually. Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability later in this bulletin. The security update addresses the vulnerabilities by correcting the way Windows handles certain specially crafted files and by correcting the way GDI+ validates specially crafted image record types. For more information, see the Affected and Non-Affected Software section. It is rated Important for all supported editions of Microsoft Office 2007 and Microsoft Office 2010. This security update is rated Critical for all supported editions of Windows, Microsoft Live Meeting 2007, Microsoft Lync 2010, and Microsoft Lync 2013. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could allow remote code execution if a user opens a specially crafted file or webpage. This security update resolves two privately reported vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Lync. Version: 2.0 General Information Executive Summary
In this article Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (2967487)
0 kommentar(er)
