Vulnerability

(MS12-081) Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2758857)

Publish date: December 12, 2012

CVE-2012-4774

SEVERITY

CRITICAL

//  ADVISORY DATE

  


DESCRIPTION

This patch addresses a vulnerability in Microsoft Windows, which could be exploited when a users browses a folder/file with a specially crafted filename. As such, this could result to remote code execution thus compromising the security of the system. Remote attackers can also have the same user rights as the current user.

SOLUTION

AFFECTED SOFTWARE AND VERSION

  • Windows XP Service Pack 3
  • Windows XP Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista Service Pack 2
  • Windows Vista x64 Edition Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Windows 7 for 32-bit Systems
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for Itanium-based Systems
  • Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

Featured Stories

Connect with us on