Posted September 13, 201113 yr Severity Rating: Important Revision Note: V2.1 (September 13, 2011): Added an update FAQ to announce a detection change for KB2494089 that corrects an installation issue. This is a detection change only. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action. Summary: This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system. Read Bulletin
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.