Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows Mail and Windows Meeting Space vulnerability could allow remote code execution


Report ID: MS201111003
Date Published: 10 November 2011

Criticality: Important
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Windows Vista
Windows Server 2008
Windows  7
Windows Server 2008 R2




Summary

A vulnerability in Windows Mail and Windows Meeting Space, involving the loading of DLL files, could allow an attacker to execute arbitrary code from a remote location.



Detailed Description

Microsoft has issued a security update that addresses a vulnerability in Windows Mail and Windows Meeting Space. The vulnerability exists when the path used for loading external libraries is not properly restricted. Upon successful exploit, a remote attacker could execute arbitrary code and take control of the affected system.

The latest security update introduces correction on the way that Windows Mail and Windows Meeting Space load external libraries. As a protection against potential exploit, users are recommended to install this latest upate.



CVE Reference

CVE-2011-2016



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-085)




Online Virus Scanner

 
Run a quick online virus scan of your computer.