Endpoint Vulnerability

Vulnerability in Direct2D Could Allow Remote Code Execution


This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to view specially crafted content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to an attacker's website, or by getting them to open an attachment sent through email.

Affected Products

Windows 7,Windows Server 2008 R2,Windows 8,Windows 8.1,Windows Server 2012,Windows Server 2012 R2,Windows RT 8.1