Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows Object Packager vulnerability could allow remote code execution


Report ID: MS201201002
Date Published: 11 January 2012

Criticality: Important
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Windows XP
Windows Server 2003




Summary

A vulnerability in Microsoft Windows, involving the way that Windows registers and uses Windows Object Packager, could lead to arbitrary code execution on an affected system.



Detailed Description

Microsoft has released a security update to address a vulnerability that exists due to the way that Windows registers and uses Windows Object Packager. Upon successful exploit, an attacker could be able to execute arbitrary code and take complete control of an affected system.

This vulnerability has been addressed in the latest update, which introduces a correction on the registry key associated with the Windows Object Packager. Users are recommended to patch their machine with this update as a protection against potential exploit.



CVE Reference

CVE-2012-0009



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-002)



Online Virus Scanner

 
Run a quick online virus scan of your computer.