NUEVA VULNERABILIDAD, Microsoft Windows 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution Vulnerability
Posted: 26/10/10 by komz in Etiquetas: Arbitrary Code Execution Vulnerability, Ataques, DLL de Microsoft, Microsoft Windows 'lpksetup.exe', Vulnerabilidad
0
Microsoft Windows 'lpksetup.exe' is prone to a vulnerability that lets attackers execute arbitrary code.
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
REFERENCIA
Desde Vulnerability Team exortamos a los usuarios y administradores revisar las notificaciones y aplicar las actualizaciones necesarias, para ayudar a mitigar los riesgos.
fuente: securityfocus.com