Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
  Technical Updates @ TACKtech Corp.  

01.11.2012 - MS12-007 - Important : Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664) - Version: 2.0

View Microsoft related news. Severity Rating: Important
Revision Note: V2.0 (January 11, 2012): Announced that the original upgrade package, AntiXSS Library version 4.2, has been replaced with AntiXSS Library version 4.2.1. All users of the AntiXSS Library will need to upgrade to AntiXSS Library version 4.2.1 to help ensure they are protected from the vulnerability described in this bulletin. See the update FAQ for more information.
Summary: This security update resolves one privately reported vulnerability in the Microsoft Anti-Cross Site Scripting (AntiXSS) Library. The vulnerability could allow information disclosure if an attacker passes a malicious script to a website using the sanitization function of the AntiXSS Library. The consequences of the disclosure of that information depends on the nature of the information itself. Note that this vulnerability would not allow an attacker to execute code or to elevate the attacker's user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system. Only sites that use the sanitization module of the AntiXSS Library are affected by this vulnerability.

- View Microsoft Security Bulletin MS12-007
- View Microsoft Knowledge Base Article - on: 2.
- Visit Microsoft Corporation

NID: 40638 / Submitted by: The Zilla of Zuron
Categories: Microsoft
Most recent Microsoft related news.
MS17-002 - Important: Security Update for Microsoft Office (3214291) - Version: 1.1
MS17-001 - Important: Security Update for Microsoft Edge (3214288) - Version: 1.0
MS17-004 - Important: Security Update for Local Security Authority Subsystem Service (3216771) - Version: 1.0
MS17-003 - Critical: Security Update for Adobe Flash Player (3214628) - Version: 1.0
MS16-002 - Critical: Security Update for Microsoft Office (3214291) - Version: 1.0
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates