Windows Object Packager vulnerability could allow remote code execution
Report ID: MS201201002
Date Published: 11 January 2012
Compromise Type: remote-code-execution
Compromise From: remote
Windows Server 2003
A vulnerability in Microsoft Windows, involving the way that Windows registers and uses Windows Object Packager, could lead to arbitrary code execution on an affected system.
Microsoft has released a security update to address a vulnerability that exists due to the way that Windows registers and uses Windows Object Packager. Upon successful exploit, an attacker could be able to execute arbitrary code and take complete control of an affected system.
This vulnerability has been addressed in the latest update, which introduces a correction on the registry key associated with the Windows Object Packager. Users are recommended to patch their machine with this update as a protection against potential exploit.
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-002)