(MS11-076) Vulnerability in Windows Media Center Could Allow Remote Code Execution (2604926)
Publish date: 13 de octubre de 2011
Gravedad: High
Identificadores de CVE : CVE-2011-2009
Fecha recomendada: 13 de octubre de 2011
Descripción
This update resolves a publicly disclosed vulnerability in Windows Media Center. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (.DLL) file. Then, while opening the legitimate file, Windows Media Center could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file.
Revelación de la información
Soluciones
Software y versión afectados
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1