MS14-019 – Critical: Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2922229) – Version: 1.1

Severity Rating: Critical
Revision Note: V1.1 (June 27, 2014): Updated the Known Issues entry in the Knowledge Base Article section from “None” to “Yes”.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user runs specially crafted .bat and .cmd files from a trusted or semi-trusted network location. An attacker would have no way to force users to visit the network location or run the specially crafted files. Instead, an attacker would have to convince users to take such action. For example, an attacker could trick users into clicking a link that takes them to the location of the attacker’s specially crafted files and subsequently convince them to run them.

Leave a Reply