MS.Windows.Mail.Insecure.Library.Loading

Release Date Nov 10, 2011
Severity high
Impact System Compromise: Remote attackers can gain control of vulnerable systems.
Description This indicates an attempt to exploit a remote Code Execution vulnerability in Windows Mail. The vulnerability is caused by the way the vulnerable application loads "wab32res.dll". A remote attacker can exploit it to load and execute a malicious DLL.
Affected Products Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Recommended Actions Apply the most recent upgrade or patch from the vendor: http://www.microsoft.com/technet/security/Bulletin/MS11-085.mspx
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2011-2016
Reference/s http://technet.microsoft.com/en-us/security/bulletin/MS11-085.mspx (MS-ID)

Fortinet