MS15-054: Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service (3051768)
Medium Nessus Plugin ID 83363
SynopsisThe remote Windows host is affected by a denial of service vulnerability.
DescriptionThe remote Windows host is affected by a flaw due to a failure to properly validate a destination buffer when retrieving icon information from a specially crafted Microsoft Management Console (.msc) file. An unauthenticated, remote attacker, by tricking a victim into opening a malicious .msc file, can exploit this flaw to cause a denial of service.
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 8, 2012, 8.1, and 2012 R2.