(MS14-024) Vulnerability in a Microsoft Common Control Could Allow Security Feature Bypass (2961033)
Schweregrad: : Alto
Data do informe: 04 junho 2014
Descrição
This security update addresses a vulnerability found in the implementation of the MSCOMCTL common controls library. Once exploited, remote attackers can bypass the Address Space Layout Randomization (ASLR) security feature, thus potentially opening the affected system to possible attacks leveraging vulnerabilities.
Solução
Software infectado e versão:
- Microsoft Office 2010 Service Pack 1 (32-bit editions)
- Microsoft Office 2010 Service Pack 2 (64-bit editions)
- Microsoft Office 2010 Service Pack 2 (32-bit editions)
- Microsoft Office 2007 Service Pack 3
- Microsoft Office 2013 (32-bit editions)
- Microsoft Office 2013 Service Pack 1 (32-bit editions)
- Microsoft Office 2010 Service Pack 1 (64-bit editions)
- Microsoft Office 2013 (64-bit editions)
- Microsoft Office 2013 Service Pack 1 (64-bit editions)
- Microsoft Office 2013 RT
- Microsoft Office 2013 RT Service Pack 1