A vulnerability in the Microsoft XML Core Services (MSXML) parser used in Microsoft Windows could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
The vulnerability exists because the affected software improperly handles user input. An attacker could exploit the vulnerability by persuading a user to access a link that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code and compromise the system completely.
Microsoft confirmed the vulnerability and released software updates.
Security Impact Rating: High