(MS11-033) Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663)
Severity: HIGH
CVE Identifier: CVE-2011-0028
Advisory Date: MAY 19, 2011
DESCRIPTION
This security update resolves a vulnerability in Microsoft Window, which may lead to remote code execution if a user opened a malicious file using WordPad. Once exploited successfully, an attacker could gain the same user rights as the local user. Users with fewer user rights on the system could be less impacted than system administrators.
TREND MICRO PROTECTION INFORMATION
For information on patches specific to the affected software, please proceed to the Microsoft Web page.
AFFECTED SOFTWARE AND VERSION
- Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems