MS15-019: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3040297)
High Nessus Plugin ID 81734
SynopsisThe remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe VBScript scripting engine installed on the remote Windows host is affected by a remote code execution vulnerability due to improper handling of objects in memory. A remote attacker can exploit this issue by convincing a user to visit a specially crafted website or open a specially crafted Microsoft Office document, resulting in the execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a set of patches for Windows 2003, Vista, 2008, and 2008 R2.