There has been found a MHTML handling related vulnerability in all supported versions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various web sites, resulting in information disclosure.
At the moment, there is not a security update against the problem yet. Workaround for the issue is introduced in related security advisory.
More information:
http://blogs.technet.com/b/srd/archive/2011/01/28/more-information-about-the-mhtml-script-injection-vulnerability.aspx
http://www.microsoft.com/technet/security/advisory/2501696.mspx
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment