XML vulnerability being actively exploited

By /

This week, Microsoft acknowledged that the XML security vulnerability,which was discovered by Google’s Security Team on May 30, has been exploited and there are active attacks going on. It affects all versions of Windows as well as Office 2003 and 2007. If you go to a web site containing the malicious code, using Internet Explorer, attackers could execute code on your computer. Here’s the advisory:

http://technet.microsoft.com/en-us/security/advisory/2719615

We may get another out-of-band update to address this, according to Andrew Lyons (Google). In the meantime, you should check out the Fix It solution in KB article 2719615, which provides a workaround:

http://support.microsoft.com/kb/2719615

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top