Microsoft Releases Security Advisory 2501696
Original release date: January 28, 2011 at 2:02 pm
Last revised: January 28, 2011 at 2:02 pm
Microsoft has released Microsoft security advisory 2501696 indicating
that it is investigating public reports of a vulnerability affecting
Windows. This vulnerability is due to the way MHTML interprets
MIME-formatted requests for content blocks within a document.
Exploitation of this vulnerability may allow an attacker to obtain
sensitive information.
US-CERT encourages users and administrators to review Microsoft
security advisory 2501696 and implement the suggested workarounds or
utilize Microsoft Fix it 50602 to help mitigate the risks. Additional
information regarding this vulnerability can be found on the Microsoft
TechNet Security Research & Defense blog.
Relevant Url(s):
<http://blogs.technet.com/b/srd/>
<http://support.microsoft.com/kb/2501696>
<http://www.microsoft.com/technet/security/advisory/2501696.mspx>
====
This entry is available at
http://www.us-cert.gov/current/index.ht ... ry_2501696