Microsoft Security Advisory 2719615 - MSXML - CVE-2012-1889
Several readers mentioned that Microsoft today issued a Security advisory regarding Microsoft XML Core Services (MSXML). This is in response to active exploitation.
The issues affects Office 2003 and 2007 on all versions of windows. All a user has to do to fall victim is visit the wrong website using IE.
Microsoft has issued a fixit for it in the form of an msi file (see the KB 2719615 link below)
Alternative strategies would be to use browsers that do not support ActiveX, or disable the support in IE.
Links:
- http://technet.microsoft.com/en-us/security/advisory/2719615
- http://support.microsoft.com/kb/2719615
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1889
--
Swa Frantzen -- Section 66
×
Diary Archives