Rapid7 Vulnerability & Exploit Database

MS10-042: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593)

Back to Search

MS10-042: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593)

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
06/15/2010
Created
07/25/2018
Added
07/13/2010
Modified
06/26/2015

Description

This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message.

Solution(s)

  • WINDOWS-HOTFIX-MS10-042-4a7a12c8-7d58-46e6-a0f5-060046ebcee8
  • WINDOWS-HOTFIX-MS10-042-72226ee0-a746-4e53-b12c-8d5f9c4dfdc1
  • WINDOWS-HOTFIX-MS10-042-9073cf51-43b0-4baf-a468-fdd1e5029170
  • WINDOWS-HOTFIX-MS10-042-c86b1cc2-268b-48a6-b2f9-0a6dca0116cb
  • WINDOWS-HOTFIX-MS10-042-f5e00b08-8c78-4f22-8863-a84150b77007

References

  • WINDOWS-HOTFIX-MS10-042-4a7a12c8-7d58-46e6-a0f5-060046ebcee8
  • WINDOWS-HOTFIX-MS10-042-72226ee0-a746-4e53-b12c-8d5f9c4dfdc1
  • WINDOWS-HOTFIX-MS10-042-9073cf51-43b0-4baf-a468-fdd1e5029170
  • WINDOWS-HOTFIX-MS10-042-c86b1cc2-268b-48a6-b2f9-0a6dca0116cb
  • WINDOWS-HOTFIX-MS10-042-f5e00b08-8c78-4f22-8863-a84150b77007

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;