06.165.2011 - MS11-038 - Critical: Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)

Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile (WMF) image. In all cases, however, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to convince users to visit a malicious Web site, typically by getting them to click a link in an e-mail message or Instant Messenger request. - View Microsoft Security Bulletin MS11-038 - View Microsoft Knowledge Base Article - 476490 - Visit Microsoft Corporation