Severity Rating: Critical
Revision Note: V3.1 (October 23, 2012): Added the KB2721691 update to the Bulletin FAQ that explains which updates are available for Windows 8 Release Preview and Windows Server 2012 Release Candidate.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft XML Core Services. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker’s website.
Powered by WPeMatico