MS15-066: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3072604)
High Nessus Plugin ID 84736
SynopsisThe remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe VBScript scripting engine on the remote host is affected by a remote code execution vulnerability due to improper handling of objects in memory. A remote attacker can exploit this vulnerability by convincing a user to visit a specially crafted website or open a specially crafted Microsoft Office document, resulting in the execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a set of patches for Windows 2003, Vista, 2008, and 2008 R2.