U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Microsoft Releases Security Advisory for Microsoft XML Core Services

Original release date: June 13, 2012 | Last revised: October 23, 2012

Microsoft has released Security Advisory 2719615 to address a vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0. This vulnerability may allow an attacker to execute arbitrary code if a user accesses specially crafted web pages using Internet Explorer. According to the advisory, this vulnerability is currently being exploited in the wild.

US-CERT encourages users and administrators to review Microsoft Security Advisory 2719615. The advisory indicates that the workaround does not correct the vulnerability, but it may help mitigate the risk against known attack vectors.

Update: Additional information regarding CVE-2012-1889 can be found in the US-CERT Technical Alert TA12-174A.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top