Cumulative Security Update of ActiveX Kill Bits - MS08-032ID: oval:org.secpod.oval:def:2581 | Date: (C)2011-10-20 (M)2024-02-19 |
Class: PATCH | Family: windows |
The host is missing a moderate security update according to Microsoft security bulletin, MS08-032. The update is required to fix remote code execution vulnerability. A flaw is present in the Microsoft Speech API, which fails handle a specially crafted Web page using Internet Explorer and has the Speech Recognition feature in Windows enabled. Successful exploitation could allow an attacker to obtain credentials and it could also allow attackers to gain the same user rights as the logged on user.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |