OLE vulnerability in Windows could allow remote code execution
Report ID: MS201112007
Date Published: 14 December 2011
Compromise Type: remote-code-execution
Compromise From: remote
Windows Server 2003
A vulnerability in Object Linking and Embedding (OLE) in Windows could lead to remote code execution.
Microsoft has released a security update for Windows XP and Windows Server 2003, which are affected by a vulnerability involving Object Linking and Embedding (OLE) technology. The vulnerability was caused by incorrect handling of OLE objects in memory.
An attacker who successfully exploit this vulnerability could execute code in the context of a logged-on user. This vulnerability has been resolved in the update by introducing changes in the way that OLE objects are handled in memory. Users are recommended to install this latest update as a protection against potential exploits.
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-093)