Description: This security update resolves one privately reported vulnerability for a Microsoft product. This update also includes a kill bit for the Yahoo! Music Jukebox product. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Update type: Critical

Release date: April 8, 2008

Applies to: All

Knowledge base: support.microsoft.com/kb/948881

Download link: 32-bit | 64-bit

Comments: Here are the specifics on the vulnerabilities covered by this update:

• ActiveX Object Memory Corruption Vulnerability - CVE-2008-1086