MS.Windows.Mail.Insecure.Library.Loading
Description
This indicates an attempt to exploit a remote Code Execution vulnerability in Windows Mail.
The vulnerability is caused by the way the vulnerable application loads "wab32res.dll". A remote attacker can exploit it to load and execute a malicious DLL.
Affected Products
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
http://www.microsoft.com/technet/security/Bulletin/MS11-085.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |