Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

OLE vulnerability in Windows could allow remote code execution


Report ID: MS201112007
Date Published: 14 December 2011

Criticality: Important
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Windows XP
Windows Server 2003




Summary

A vulnerability in Object Linking and Embedding (OLE) in Windows could lead to remote code execution.



Detailed Description

Microsoft has released a security update for Windows XP and Windows Server 2003, which are affected by a vulnerability involving Object Linking and Embedding (OLE) technology. The vulnerability was caused by incorrect handling of OLE objects in memory.

An attacker who successfully exploit this vulnerability could execute code in the context of a logged-on user. This vulnerability has been resolved in the update by introducing changes in the way that OLE objects are handled in memory. Users are recommended to install this latest update as a protection against potential exploits.



CVE Reference

CVE-2011-3400



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-093)




Online Virus Scanner

 
Run a quick online virus scan of your computer.