MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information...

Discussion in 'Microsoft' started by MalwareTips Bot, Oct 19, 2017.

  1. MalwareTips Bot

    MalwareTips Bot MT Robot
    Staff Member Content Creator

    Apr 21, 2016
    #1 MalwareTips Bot, Oct 19, 2017
    Last edited by a moderator: Oct 20, 2017
    Severity Rating: Important
    Revision Note: V1.1 (October 19, 2017): Corrected a typo in the CVE description.
    Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user browses to a website containing specially crafted JPEG content. An attacker could use this information disclosure vulnerability to gain information about the system that could then be combined with other attacks to compromise the system. The information disclosure vulnerability by itself does not allow arbitrary code execution. However, an attacker could use this information disclosure vulnerability in conjunction with another vulnerability to bypass security features such as Address Space Layout Randomization (ASLR).

    Read more: Microsoft Security Bulletin MS14-085 - Important
    harlan4096 and shmu26 like this.