Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)
This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This is a critical security update for all supported editions of Windows 2000, Windows XP, Windows Vista, Microsoft Office 2003, and 2007 Microsoft Office System. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The affected platforms are: Windows 2000 (SP4), XP (SP2), Vista, Server 2003 (SP1), Microsoft Office 2003 SP2 & Office 2007