Microsoft Active Accessibility vulnerability could allow remote code execution
Report ID: MS201110001
Date Published: 12 October 2011
Criticality: Important
Compromise Type: remote-code-execution
Compromise From: remote
Affected Product/Component:
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Summary
A vulnerability in the Microsoft Active Accessibility component could allow a remote attacker to execute arbitrary code and take control of an affected system.
Detailed Description
Microsoft has issued a security update to address a remote code execution vulnerability reported in the Microsoft Active Accessibility component.
The vulnerability is caused by improper path restriction when loading external libraries. It may be exploited by tricking a user into opening a legitimate file located in the same directory as a specially crafted dynamic link library (DLL) file. When the user clicks to open the file, the Microsoft Active Accessibility component attempts to load the DLL file and executes any code it contains.
The security update resolves this issue by correcting the way Microsoft Active Accessibility loads external libraries. Users are advised to install the latest patch to protect their systems from potential exploitation.
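The condition described above (a DLL sitting in the same directory as a document a user would open) can be audited on file shares and download folders. The following is an added example, not part of the original advisory or of Microsoft's update; the extension lists, function names and sample folder layout are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumption: extensions treated as documents a user would open; tune per site.
DOCUMENT_EXTS = {".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".pdf", ".rtf", ".txt"}
LIBRARY_EXTS = {".dll"}


def find_colocated_libraries(root):
    """Map each directory under root (relative path) that holds at least one
    DLL beside at least one document to the file names involved."""
    findings = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        libs, docs = [], []
        for name in filenames:
            ext = os.path.splitext(name)[1].lower()  # case-insensitive match
            if ext in LIBRARY_EXTS:
                libs.append(name)
            elif ext in DOCUMENT_EXTS:
                docs.append(name)
        if libs and docs:
            rel = os.path.relpath(dirpath, root)
            findings[rel] = {"libraries": sorted(libs), "documents": sorted(docs)}
    return findings


def scan_constructed_sample():
    """Build a constructed sample tree in a temp directory and scan it."""
    layout = {
        "share/reports": ["q3.docx", "helper.DLL"],    # DLL beside a document: flagged
        "share/docs_only": ["notes.txt", "plan.pdf"],  # documents only: clean
        "app/bin": ["tool.exe", "runtime.dll"],        # DLL, no documents: clean
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, names in layout.items():
            folder = os.path.join(tmp, *rel.split("/"))
            os.makedirs(folder)
            for name in names:
                open(os.path.join(folder, name), "wb").close()
        return find_colocated_libraries(tmp)


if __name__ == "__main__":
    for folder, hit in scan_constructed_sample().items():
        print(f"REVIEW {folder}: {hit['libraries']} beside {hit['documents']}")
```

Point `find_colocated_libraries` at user-data locations such as shares and download folders; application install directories legitimately mix DLLs with text files and will produce noise.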
CVE Reference
CVE-2011-1247
Solution
Install the latest security patch for the applicable system, available for download from https://technet.microsoft.com/en-us/security/bulletin/ms11-075




