MS14-043: Vulnerability in Windows Media Center Could Allow Remote Code Execution (2978742)
Medium Nessus Plugin ID 77160
SynopsisThe remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe remote Windows host is affected by a remote code execution vulnerability due to a user-after-free flaw in Microsoft Windows Media Center. An attacker can exploit this vulnerability by convincing a user to open a file or visit a website containing a specially crafted Office file, resulting in execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a set of patches for Windows Vista, 7, 8, and 8.1.