1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Vulnerability protection

Microsoft XML Core Services Vulnerability

Report ID: MAPP-CVE20121889
Date Published: 15 June 2012
Date Revised: -

Criticality: -
Compromise Type: remote-code-execution
Compromise From: remote

Affected Product/Component:

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Microsoft Office 2003
Microsoft Office 2007


A vulnerability in Microsoft XML Core Services places an unprotected system at risk of being controlled by a remote attacker.

Detailed Description

Microsoft has reported about a vulnerability in Microsoft XML Core Services (MSXML) that affects all supported releases of Microsoft Windows, Microsoft Office 2003, and Microsoft Office 2007. The vulnerability exists when MSXML attempts to access an uninitialized object in memory, resulting in memory corruption. An attacker could take advantage of this condition to execute arbitrary code in the context of a logged-on user.

To mitigate the impact of this vulnerability, users are advised to implement some workarounds. Please refer to Microsoft Security Advisory 2719615 for complete instructions.

F-Secure detects the files taking advantage of this vulnerability as Exploit:JS/CVE-2012-1889 starting in Hydra database version 2012-06-15_02, which was released on 15 June 2012. Please allow F-Secure products to block installation of files that take advantage of this vulnerability.


CVE Reference


Detected Exploit


Hydra database version 2012-06-15_02

Release Date
15 June 2012


Allow F-Secure Internet Security or F-Secure Anti-Virus to remove or disinfect malicious files.

Additional Info


Online Virus Scanner

Run a quick online virus scan of your computer.


Submit a sample

Wondering if a file or URL is malicious?

Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)