(MS14-033) Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061)

  Severity: HIGH
  CVE Identifier: CVE-2014-1816
  Advisory Date: JUN 11, 2014

  DESCRIPTION

This security update addresses one vulnerability found in Microsoft Windows that could allow information disclosure once successfully exploited by remote attackers. They (remote attackers) can launch social engineering attacks which can trick users into clicking a malicious URL, leading to the exploit of this vulnerability.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista x64 Edition Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
  • Windows 8 for 32-bit Systems
  • Windows 8 for x64-based Systems
  • Windows 8.1 for 32-bit Systems
  • Windows 8.1 for x64-based Systems
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1

Featured Stories