Home / bulletins MS11-006 - Critical: Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185) - Version:1.1
Posted on 15 February 2011
CriticalSeverity Rating: Critical - Revision Note: V1.1 (February 14, 2011): Added an entry to the update FAQ to notify customers that before installing this security update, they must undo the workaround, "Modify the Access Control List (ACL) on shimgvw.dll on Windows XP and Windows Server 2003 systems", from systems where they have previously applied it.Summary: This security update resolves a publicly disclosed vulnerability in the Windows Shell graphics processor. The vulnerability could allow remote code execution if a user views a specially crafted thumbnail image. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS11-006 - Version: 1.0
- MS11-006 - Version: 1.1
