sec MS08-050 – Important: Vulnerability in Windows Messenger Could Allow Informatio

[Microsoft]

MS08-050 – Important: Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
Bulletin Severity Rating:Important - This security update resolves a publicly reported vulnerability in supported versions of Windows Messenger. As a result of this vulnerability, scripting of an ActiveX control could allow information disclosure in the context of the logged-on user. An attacker could change state, get contact information, and initiate audio and video chat sessions without the knowledge of the logged-on user. An attacker could also capture the user’s logon ID and remotely log on to the user’s Messenger client impersonating that user.
http://www.microsoft.com/technet/security/bulletin/ms08-050.mspx?pubDate=2008-08-12
Array
Tue, 12 Aug 2008 08:00:00 GMT