Home / bulletins MS09-046 - Critical: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844) - Version:1.2
Posted on 02 December 2009
There is an newer version: MS09-046 - Version: 1.0
CriticalSeverity Rating: Critical - Revision Note: V1.2 (December 2, 2009): Added a link to Microsoft Knowledge Base Article 956844 under Known Issues in the Executive Summary.Summary: This security update resolves a privately reported vulnerability in the DHTML Editing Component ActiveX control. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS09-046 - Version: 1.2
- MS09-046 - Version: 1.1
- MS09-046 - Version: 1.0
