1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

MS14-064 - Critical: Vulnerabilities in Windows OLE Could Allow Remote Code Execution...

Discussion in 'Security Updates' started by Microsoft Security, Nov 11, 2014.

  1. Microsoft Security

    Microsoft Security Guest

    Severity Rating: Critical
    Revision Note: V1.0 (November 11, 2014): Bulletin published.
    Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows Object Linking and Embedding (OLE). The vulnerabilities could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    View the full article
     
    Microsoft Security, Nov 11, 2014
    #1

Share This Page