469 matches found
May 9, 2017—KB4019472 (OS Build 14393.1198)
May 9, 2017—KB4019472 OS Build 14393.1198 Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where the PC Settings pages do not display the correct options after the...
MS15-109: Description of the security update for Windows Shell: October 13, 2015
MS15-109: Description of the security update for Windows Shell: October 13, 2015 Summary This security update resolves vulnerabilities in Windows. These vulnerabilities could allow remote code execution if a user opens a specially crafted toolbar object in Windows or if an attacker convinces a us...
MS12-048: Vulnerability in Windows Shell could allow remote code execution: July 10, 2012
MS12-048: Vulnerability in Windows Shell could allow remote code execution: July 10, 2012 INTRODUCTION Microsoft has released security bulletin MS12-048. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...
MS12-072: Vulnerabilities in Windows shell could allow remote code execution: November 13, 2012
MS12-072: Vulnerabilities in Windows shell could allow remote code execution: November 13, 2012 INTRODUCTION Microsoft has released security bulletin MS12-072. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...
Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code
The vulnerability of the Windows Shell component of the Windows operating system is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to execute arbitrary code via a specially crafted web page from a remote location...
Microsoft Windows Shell Remote Code Execution Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows Shell, which arises from the program not properly handling objects in memory. A remote attacker could exploit the vulnerability to execu...
CVE-2016-0179
Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability."...
CVE-2016-0179
Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability."...
Cumulative Update for Windows 10: May 10, 2016
Cumulative Update for Windows 10: May 10, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10 and resolves the following vulnerabilities in Windows: 3155533 MS16-051: Cumulative Security update for Internet Explorer: May 10, 2016 3155538 MS16-052:...
Cumulative Update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: May 10, 2016
Cumulative Update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: May 10, 2016 Summary This security update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4 includes functionality improvements and fixes, and it resolves the following vulnerabilities...
MS16-057: Security update for Windows shell: May 10, 2016
Resolves a vulnerability in Windows that could allow remote code execution if an attacker successfully convinces a user to browse to a specially crafted website that accepts user-provided online content, or convinces a user to open specially crafted content.SummaryThis security update resolves a...
Microsoft Windows Shell CVE-2016-0179 Remote Code Execution Vulnerability
Description Microsoft Windows Shell is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 for 32-b...
Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code
The vulnerability of the Windows Shell component of the Windows operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted toolbar item...
CVE-2015-2548
Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerability."...
Design/Logic Flaw
Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerability."...
Design/Logic Flaw
Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted toolbar...
CVE-2015-2548
CVE-2015-2548 is a use-after-free vulnerability in the Tablet Input Band of Windows Shell that can enable remote code execution when a user visits a specially crafted web page. Affected products explicitly noted: Windows Vista SP2 and Windows 7 SP1 (Tablet Input Band memory handling). The vulnera...
CVE-2015-2515
Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted toolbar...
CVE-2015-2515
CVE-2015-2515 is a remote code execution vulnerability in Windows Shell caused by a use-after-free when handling crafted toolbar objects. Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012/2012 R2, Windows RT/RT 8.1, and ...
CVE-2015-2548
Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerability."...