(MS13-002) Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)

  Severity: CRITICAL
  CVE Identifier: CVE-2013-0006,CVE-2013-0007
  Advisory Date: JAN 09, 2013

  DESCRIPTION

This patch addresses vulnerabilities found in Microsoft XML Core Services, which can result to remote code execution once successfully exploited. The said vulnerabilities can be exploited when a user visits a specially crafted website via Internet Explorer.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Windows XP Service Pack 3
  • Windows XP Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista Service Pack 2
  • Windows Vista x64 Edition Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Windows 7 for 32-bit Systems
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for Itanium-based Systems
  • Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
  • Windows 8 for 32-bit Systems
  • Windows 8 for 64-bit Systems
  • Windows Server 2012
  • Windows RT
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012 (Server Core installation)
  • Microsoft Office 2003 Service Pack 3
  • Microsoft Office 2007 Service Pack 2
  • Microsoft Office 2007 Service Pack 3
  • Microsoft Word Viewer
  • Microsoft Office Compatibility Pack Service Pack 2
  • Microsoft Office Compatibility Pack Service Pack 3
  • Microsoft Expression Web Service Pack 1
  • Microsoft Expression Web 2
  • Microsoft SharePoint Server 2007 Service Pack 2 (32-bit editions)
  • Microsoft SharePoint Server 2007 Service Pack 2 (64-bit editions)
  • Microsoft SharePoint Server 2007 Service Pack 3 (32-bit editions)
  • Microsoft SharePoint Server 2007 Service Pack 3 (64-bit editions)
  • Microsoft Groove Server 2007 Service Pack 2
  • Microsoft Groove Server 2007 Service Pack 3

Featured Stories