XML vulnerability being actively exploited

This week, Microsoft acknowledged that the XML security vulnerability,which was discovered by Google’s Security Team on May 30, has been exploited and there are active attacks going on. It affects all versions of Windows as well as Office 2003 and 2007. If you go to a web site containing the malicious code, using Internet Explorer, attackers could execute code on your computer. Here’s the advisory:

http://technet.microsoft.com/en-us/security/advisory/2719615

We may get another out-of-band update to address this, according to Andrew Lyons (Google). In the meantime, you should check out the Fix It solution in KB article 2719615, which provides a workaround:

http://support.microsoft.com/kb/2719615

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top