Security Information Vulnerability Research Security Blog

6 new advisories, none affect Vista

November 15th, 2006 by , Filed under: Commentary, Microsoft

It sounds like a good start, Vista appears to be not affect any of the 6 new advisories released today by Microsoft. The vulnerability affecting Vista is the XML Core vulnerability in IE that has been recently exploited by malicious web sites to execute arbitrary code.

It would be interesting to see whether this trend of Vista staying outside the spotlight of vulnerabilities continues.

[UPDATE] – The XML vulnerability doesn’t affect Vista sorry for the confusion:

Is Windows Vista vulnerable to this issue?
Windows Vista does not include a vulnerable version of Microsoft XML Core Services. Windows Vista includes msxml6.dll version 6.10.1129 and is not vulnerable. However, if an application has been applied that installed a vulnerable version of Microsoft XML Core Services 4.0 this update should be applied

Share
  • sunshine

    SImple check: is the code different generally, or was it specifically patched for these ahead of release?

  • http://deleted XML Exploit

    or get a RC (or even earlier releases) and test these exploits out :)

  • alì

    NO, Windows Vista is not affected!!!

  • alì

    NO, Windows Vista is not affected!!!
    And MSXML4 and MSXML6 are not in Windows Vista!!!
    And the flaw is in MSXML4 and MSXML6 components ant NOT in Windows

  • http://blogs.securiteam.com/index.php/archives/author/mattmurphy/ Matthew Murphy

    According to MS06-071, Vista is NOT affected by the XML Core Services vulnerability. The component that is installed with it is a non-vulnerable version.

  • usure

    u guz sure? it says: Windows (all versions) in the advisory of Microsoft.

  • Share







  • Categories


Security RSS Subscribe