Windows Mail and Windows Meeting Space vulnerability could allow remote code execution
Report ID: MS201111003
Date Published: 10 November 2011
Compromise Type: remote-code-execution
Compromise From: remote
Windows Server 2008
Windows Server 2008 R2
A vulnerability in Windows Mail and Windows Meeting Space, involving the loading of DLL files, could allow an attacker to execute arbitrary code from a remote location.
Microsoft has issued a security update that addresses a vulnerability in Windows Mail and Windows Meeting Space. The vulnerability exists when the path used for loading external libraries is not properly restricted. Upon successful exploit, a remote attacker could execute arbitrary code and take control of the affected system.
The latest security update introduces correction on the way that Windows Mail and Windows Meeting Space load external libraries. As a protection against potential exploit, users are recommended to install this latest upate.
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-085)