Thanks wired57 from our BPN Forum
Issue
The Microsoft VM is a virtual machine for the Win32(r) operating environment. The Microsoft VM shipped as part of most versions of Windows (a complete list is available in the FAQ), as well as part of most versions of Internet Explorer. It also was available for some timeas a separate download. A new patch for the Microsoft VM is available,which eliminates three security vulnerabilities. The attack vectors forall of them would likely be the same. An attacker would likely create a web page that, when opened, exploits the desired vulnerability, and either host it on a web page or send it to a user as an HTML mail.
Summary
-
Who should read this bulletin: All customers using Microsoft® Windows®.
Impact of vulnerability: Three vulnerabilities, the most serious of which could enable an attacker to gain complete control over a user's system.
Maximum Severity Rating: Critical
Recommendation: Customers should apply the patch immediately.
Download: Windows Update