Home / bulletins MS12-004 - Critical : Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391) - Version: 1.2
Posted on 28 January 2012
There is an newer version: MS12-004 - Version: 1.3
CriticalSeverity Rating: Critical
Revision Note: V1.2 (January 27, 2012): Corrected the aggregate severity rating for the KB2631813 update package in the Affected Software table for all supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. This is a bulletin change only. There were no changes to the security update files or detection logic. Customers should apply all update packages offered for the software installed on their systems. See the update FAQ for details.
Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Other versions
- MS12-004 - Version: 1.0
- MS12-004 - Version: 1.1
- MS12-004 - Version: 1.2
- MS12-004 - Version: 1.3
