Home / bulletins MS11-049 - Important : Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) - Version: 2.3
Posted on 25 January 2012
There is an newer version: MS11-049 - Version: 2.4
ImportantSeverity Rating: Important
Revision Note: V2.3 (January 24, 2012): Added an entry to the update FAQ to announce a detection change for KB2251481, KB2251487, and KB2251489 to correct an installation issue. This is a detection change only. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system.Other versions
- MS11-049 - Version: 1.0
- MS11-049 - Version: 1.1
- MS11-049 - Version: 1.2
- MS11-049 - Version: 1.3
- MS11-049 - Version: 2.0
- MS11-049 - Version: 2.1
- MS11-049 - Version: 2.2
- MS11-049 - Version: 2.3
- MS11-049 - Version: 2.4
