Security Vulnerabilities fixed in Direct2D MS14-007

description-logoDescription

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to view specially crafted content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to an attacker's website, or by getting them to open an attachment sent through email.

affected-products-logoAffected Applications

Windows 7
Windows Server 2008 R2
Windows 8
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows RT 8.1

CVE References

CVE-2014-0263