Severity Rating: Important
Revision Note: V1.1 (September 24, 2012): Modified the Recommendation section in the Executive Summary to reflect a change in the way the update is offered. This update is no longer offered automatically, but can be installed by checking online for updates from Microsoft Update. Customers who have already successfully updated their systems do not need to take any action. Also added a link to Microsoft Knowledge Base Article 2719584 under Known Issues in the Executive Summary.
Summary: This security update resolves a privately reported vulnerability in Visual Studio Team Foundation Server. The vulnerability could allow elevation of privilege if a user clicks a specially crafted link in an email message or browses to a webpage that is used to exploit the vulnerability. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to convince users to visit a website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker’s website.
Powered by WPeMatico