(MS14-043) Vulnerability in Windows Media Center Could Allow Remote Code Execution (2978742)

  Severity: CRITICAL
  CVE Identifier: CVE-2014-4060
  Advisory Date: AUG 14, 2014

  DESCRIPTION

This update resolves a remote code execution vulnerability found in the Windows Media Center. To exploit the vulnerability, an attacker must convince its target to open or execute a specially crafted Microsoft Office file.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows 8 for 32-bit Systems
  • Windows 8 for x64-based Systems
  • Windows 8.1 for 32-bit Systems
  • Windows 8.1 for x64-based Systems
  • Windows Media Center TV Pack for Windows Vista (32-bit editions)
  • Windows Media Center TV Pack for Windows Vista (64-bit editions)