Home / bulletins

MS08-070 - Critical: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) - Version:1.1

Posted on 15 December 2008

There is an newer version: MS08-070 - Version: 1.2

Critical

Severity Rating: Critical - Revision Note: V1.1 (December 15, 2008): Added an entry in the section, Frequently asked questions (FAQ) related to this security update, announcing that Microsoft has released a cumulative update for Microsoft Visual Basic 6.0 Service Pack 6 (KB957924) that includes the update for Microsoft Visual Basic 6.0 Runtime Extended Files (KB926857) provided in this bulletin. This is an informational change only. There were no changes to the security update binaries in this bulletin.Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in the ActiveX controls for the Microsoft Visual Basic 6.0 Runtime Extended Files. These vulnerabilities could allow remote code execution if a user browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Link

Other versions

 

TOP