MS11-067 – Important : Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230) – Version: 1.1
Severity Rating: Important
Revision Note: V1.1 (March 13, 2012): Added an entry to the update FAQ to announce a detection change for KB2548826 to correct an installation issue. This is a detection change only. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves a privately reported vulnerability in Microsoft Report Viewer. The vulnerability could allow information disclosure if a user views a specially crafted Web page. In all cases, however, an attacker would have no way to force a user to visit the Web site. Instead, an attacker would have to persuade a user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the vulnerable Web site.
View full post on Microsoft Security Bulletins