Remote Code Execution Vulnerability in Indexing Service - MS09-057ID: oval:org.secpod.oval:def:2292 | Date: (C)2011-09-29 (M)2022-10-10 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS09-057. The update is required to fix remote code execution vulnerability. A flaw is present in the ActiveX control included with Windows Indexing Service, which fails to handle specifically crafted Web content. Successful exploitation allows an attacker to execute arbitrary code and could take complete control of an affected system.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |