Home / bulletins MS11-049 - Important : Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) - Version: 2.4
Posted on 16 February 2012
ImportantSeverity Rating: Important
Revision Note: V2.4 (February 15, 2012): Corrected the SQL Server Version Range for SQL Server 2008 R2 in the update FAQ.
Summary: This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system.Other versions
- MS11-049 - Version: 1.0
- MS11-049 - Version: 1.1
- MS11-049 - Version: 1.2
- MS11-049 - Version: 1.3
- MS11-049 - Version: 2.0
- MS11-049 - Version: 2.1
- MS11-049 - Version: 2.2
- MS11-049 - Version: 2.3
- MS11-049 - Version: 2.4
