Home / bulletins

MS10-096 - Important: Vulnerability in Windows Address Book Could Allow Remote Code Execution (2423089) - Version:1.0

Posted on 14 December 2010

Important

Severity Rating: Important - Revision Note: V1.0 (December 14, 2010): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in Windows Address Book. The vulnerability could allow remote code execution if a user opens a Windows Address Book file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.

Link

 

TOP