Microsoft Security Bulletin MS11-001 - Important
Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935)
This security update resolves a publicly disclosed vulnerability in Windows Backup Manager. The vulnerability could allow remote code execution if a user opens a legitimate Windows Backup Manager file that is located in the same network directory as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open the legitimate file from that location, which in turn could cause Windows Backup Manager to load the specially crafted library file.
This security update is rated Important for all supported editions of Windows Vista. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerability by correcting the manner in which Windows Backup Manager loads external libraries. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.Read more...
- Security Bulletins Windows and Mac
- Microsoft Security Bulletin MS11-001 - Important: Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935)
- Microsoft Security Bulletin MS11-002 - Critical: Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910)
- About the security content of Mac OS X v10.6.6