MS XML Core Services (MSXML)

**Steph** · 09-05-2012 06:10 AM

I've just run a Secunia scan and it tells me that Microsoft XML Core Services (MSXML) v.4.20.9876.0 is insecure with a high threat rating. Apparently the latest version is 4.30.2100.0 but when I go to the MS update site, it doesn't bring it up so I have no idea how to update it (the path is C:\WINDOWS\system32\msxml4.dll).

I did a search and found the following dated 2 months ago :

Unpatched Microsoft XML Core Services flaw increasingly targeted in attacks, researchers say - Computerworld

in which an MS "temporary" fix is suggested :

Microsoft Security Advisory: Vulnerability in Microsoft XML Core Services could allow remote code execution

but I don't know if this is the latest information as I haven't been able to find anything of a later date (and really had to search to find the above information).

Bit confused here - if it's such a big vulnerability why haven't MS released a patch for it yet and just as importantly, is this fix ok to install? It says it's for IT professionals so I don't want to get into any complicated territory I can't handle because then I'd be even more confused than I am already

I've tried to find out what XML Core Services does but the explanations are about as clear as mud to me - do I need it or could it be removed altogether?

Thank you.

Steph

**abseh1** · 09-05-2012 06:41 PM

It only applies to MS IE Browsers and all OS from WinXP to Win7
It is the basic ...do not go to sites you do not trust
The vulnerability could allow remote code execution if a user views a specially crafted web-page using Internet Explorer.

It is used primarily by developers ...good and bad and some just clueless

Below has and updated download as of 15 Aug... link for affected OS by type and Bit type (32/64)....you can manually update...depending on your computer
Microsoft Security Bulletin MS12-043 - Critical : Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)

An attacker would have no way to force users to visit such a website.

Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker's website.

**asoonernurse** · 09-05-2012 09:58 PM

Originally Posted by abseh1

Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker's website.

Or offering free chicken...

**abseh1** · 09-06-2012 08:40 AM

asoonernurse

How to do the chicken dance ...video and instructions...included

lol where do I click

**Digerati** · 09-06-2012 12:44 PM

I had this same problem(?) last week in August. Secunia was saying Microsoft XML Core Services (MSXML) (4 of them) were outdated and to check Windows Update. But WU kept saying all was current. I decided to let it slide and basically do nothing and see if Secunia would sort it out. Then by last Friday, I updated my system with the latest WU updates and reboot and Secunia came up green.

**abseh1** · 09-07-2012 09:30 AM

Steph

BTW: Thanks for the info on the Secunia scan
I have it downloaded now....I saw it before on the Bleeping Computer website , but did not try it until now...abs

**Digerati** · 09-07-2012 11:00 AM

I've been using Secunia PSI for several years and like it a lot. It is not perfect, and not always very timely, but it does help you keep your system updated. I do not, however, like the 3.0 version and I rolled back to 2.0.

**abseh1** · 09-07-2012 01:13 PM

Bill

Thanks

I use Ninte

Especially at an reinstall etc....it is a fast way to get many programs installed and updated too

But, I see a use for Secunia PSI as well

**Digerati** · 09-07-2012 02:29 PM

Yeah, I remember trying that a few years ago, but can't remember why I did not stick with it. Secunia is not marketed as an installer/uninstaller, but rather as a security application designed to keep our systems updated - and in theory, current on security.

**Steph** · 09-07-2012 06:34 PM

@ abseh 1
Thanks very much for the update link and info - where did you find it? I really searched but never came up with this!

You're welcome re: Secunia - it's useful but I also use Filehippo as it bring up updates for different programs.

@ Digerati
Interesting you had the same problem and then it sorted itself out - mine still hasn't. The question is, as this problem seems to have been going on for some time now, do I continue to leave it as you did or download the critical update in abseh's link?

Silly question now re: Secunia though - I also have v. 2 but I wasn't aware there was a v. 3. Where is the update link for Secunia itself - I've looked everywhere but can't see it. And why didn't you like v.3?

Thank you

Steph

Thread: MS XML Core Services (MSXML)

LinkBack

Thread Tools

MS XML Core Services (MSXML)

The Following User Says Thank You to Steph For This Useful Post:

The Following 2 Users Say Thank You to abseh1 For This Useful Post:

The Following User Says Thank You to Digerati For This Useful Post:

The Following User Says Thank You to Digerati For This Useful Post: