Security Advisory for Microsoft XML
Last Updated: 06/14/2012
Security Notice Level
SEVERE
Microsoft has released a security advisory as well a “FIX-IT” and workaround instructions to address a vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0. This vulnerability, if not addressed, could allow an attacker to execute arbitrary code when a user visits a maliciously crafted web page using Internet Explorer. Microsoft reports that this vulnerability is being exploited in the wild.
The IT Security Office advises those affected to follow the instructions in the linked documents below “Additional Information”.
Security Bulletin Names:
- Microsoft Security Advisory (2719615): Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution
- Released: June 12, 2012
Additional Information
Affected Software
- Microsoft Windows
- Microsoft Server
- Microsoft Office 2003 and 2007