Windows Live Essentials WLW URI Protocol Information Disclosure Vulnerability (CVE-2013-0096)
Severity: : Medium
Advisory Date: 21 de июля de 2015
DESCRIPTION
Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."
INFORMATION EXPOSURE
Per: http://technet.microsoft.com/en-us/security/bulletin/ms13-045
'There is no update available for Windows Essentials 2011. See update FAQ for details.'
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1005454