CPE: McAfee AudioParasitic: Episode 44: M$ sec bulletin
length: 00:12:34
all interesting – all uniform – all critical /remote exec
interesting:
MS08-052: vulnerabilities in Microsoft Windows GDI+. These
vulnerabilities could allow remote code execution if a user viewed a specially
crafted image file using affected software or browsed a Web site that contains
specially crafted content.
Affects many applications: Visio, works, forpro
Group GDI vulnerability
MS08-054: vulnerability
in Windows Media Player that could allow remote code execution when a specially
crafted audio file is streamed from a Windows Media server. If a user is logged
on with administrative user rights, an attacker who successfully exploited this
vulnerability could take complete control of an affected system.
Media related social engineering to lure ppl fall into
trap
Remote execution leading to full control
MS08-055: vulnerability in Microsoft Office. The
vulnerability could allow remote code execution if a user clicks a specially
crafted OneNote URL. An attacker who successfully exploited this vulnerability
could take complete control of an affected system.
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home