Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
Keep free by purchasing something from our sponsors.
Make a financial contribution
  Technical Updates @ TACKtech Corp.  

01.16.2012 - MS12-007 - Important : Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664) - Version: 2.1

View Microsoft related news. Severity Rating: Important
Revision Note: V2.1 (January 16, 2012): Added a link to Microsoft Knowledge Base Article 2607664 under Known Issues in the Executive Summary. Also, revised entry in the update FAQ to clarify why the upgrade to AntiXSS Library version 4.2.1 is only available from the Microsoft Download Center.
Summary: This security update resolves one privately reported vulnerability in the Microsoft Anti-Cross Site Scripting (AntiXSS) Library. The vulnerability could allow information disclosure if an attacker passes a malicious script to a website using the sanitization function of the AntiXSS Library. The consequences of the disclosure of that information depends on the nature of the information itself. Note that this vulnerability would not allow an attacker to execute code or to elevate the attacker's user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system. Only sites that use the sanitization module of the AntiXSS Library are affected by this vulnerability.

- View Microsoft Security Bulletin MS12-007
- View Microsoft Knowledge Base Article - on: 2.
- Visit Microsoft Corporation

NID: 40682 / Submitted by: The Zilla of Zuron
Categories: Microsoft
Most recent Microsoft related news.
MS16-121 - Critical: Security Update for Microsoft Office (3194063) - Version: 1.1
MS16-127 - Critical: Security Update for Adobe Flash Player (3194343) - Version: 1.0
MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 1.1
MS16-101 - Important: Security Update for Windows Authentication Methods (3178465) - Version: 2.0
MS16-119 - Critical: Cumulative Security Update for Microsoft Edge (3192890) - Version: 1.0
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates