KLA10013
OSI vulnerability in multiple Microsoft XML Core Services
Updated: 03/30/2015
CVSS
?
4.3
Detect date
?
06/10/2014
Severity
?
Warning
Description

By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited from the network at a point related to MSXML via a specially designed website. It is caused by a missing property information restriction.

Affected products

Windows Server 2003 SP2 x86, x64, for Itanium
Windows Vista SP2 x86, x64
Windows Server 2008 SP2 x86, x64, for Itanium
Windows 7 SP1 x86, x64
Windows Server 2008 R2 SP1 x64, for Itanium
Windows 8 x86, x64 Windows 8.1 x86, x64
Windows Server 2012, 2012 R2
Windows RT & Windows RT 8.1  

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS14-033

Impacts
?
OSI 
[?]
Related products
Microsoft Windows Server
Microsoft Windows
CVE-IDS
?

CVE-2014-1816

Microsoft official advisories
MS14-033
KB list

2966631
2957482
2966061
2939576