Tuesday, June 12, 2012

Microsoft Security Advisory 2719615 + Fix it Solution


Microsoft released Security Advisory 2719615 which relates to a Remote Code Execution issue involving MSXML Core Services 3.0, 4.0, 5.0, and 6.0. The vulnerability affects all supported releases of Microsoft Windows, and all supported editions of Microsoft Office 2003 and Microsoft Office 2007.

As described in the Security Advisory:
"The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website."


Microsoft Fix it

As an interim work-around, Microsoft has provided a Microsoft Fix it solution that blocks the attack vector for this vulnerability.

The Fix it solution is available from Microsoft KB Article 2719615, with direct links to the download files to enable and disable the solution below.  I suggest that you save both files so that you can disable the solution prior to installing the update when it is released.


EnableDisable
Fix this problem
Microsoft Fix it 50897
Fix this problem
      Microsoft Fix it 50898

References


HatTip:  ky331


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: