Intrusion Prevention

MS.IE.MSXML.Object.Handling.Remote.Code.Execution

Description

This indicates an attack attempt against a Code Execution vulnerability in Microsoft XML Core Services.
The vulnerability is caused by an error when the vulnerable software handles a web page containing misused function of MSXML objects. An attacker can trick an unsuspecting user into visiting a malicious webpage and execute arbitrary script code within the context of the target's browser.

Affected Products

Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2007 Service Pack 3

Impact

System Compromise: Remote attackers can execute arbitrary code within the security context of the targeted user.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.microsoft.com/technet/security/Bulletin/MS12-043.mspx

CVE References

CVE-2012-1889