|CVSS SCORE||6.8, (AV:N/AC:M/Au:N/C:P/I:P/A:P)|
An attacker can craft a malicious file with a .URL extension. If the victim opens the .URL file, the attacker can execute arbitrary code on the victim's machine under the context of the user.
Microsoft has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Eduardo Braun Prado