MS15-060: Vulnerability in Microsoft Common Controls Could Allow Remote Code Execution (3059317)
High Nessus Plugin ID 84056
SynopsisThe remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe remote Windows host is affected by a remote code execution vulnerability due to a user-after-free error in Microsoft Common Controls. A remote attacker can exploit this vulnerability by convincing a user to click a specially crafted link, resulting in the execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 8, 2012, 8.1, and 2012 R2.