Home / bulletins MS08-069 – Critical: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218) - Version:2.0
Posted on 05 August 2009
There is an newer version: MS08-069 - Version: 4.0
Severity Rating: Critical - Revision Note: V2.0 (April 29, 2009): Added Microsoft XML Core Services 4.0 (KB954430) on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit, x64-based, and Itanium-based editions of Windows Server 2008 Service Pack 2 as affected software. Also added as non-affected software: Microsoft XML Core Services 3.0 and Microsoft XML Core Services 6.0 on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit, x64-based, and Itanium-based editions of Windows Server 2008 Service Pack 2. This is a detection change only; there were no changes to the binaries. Customers who have already successfully installed KB954430 do not need to reinstall.Summary: This security update resolves several vulnerabilities in Microsoft XML Core Services. The most severe vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS08-069 - Version: 1.0
- MS08-069 - Version: 1.1
- MS08-069 - Version: 1.2
- MS08-069 - Version: 2.0
- MS08-069 - Version: 2.0
- MS08-069 - Version: 2.0
- MS08-069 - Version: 3.0
- MS08-069 - Version: 4.0
