Technical Information

Brief overview of the risk:
This security update resolves a privately reported vulnerability in the JScript and VBScript scripting engines. The vulnerability could allow remote code execution if a user visited a specially crafted Web site.
Detailed Information on the risk:

A remote code execution vulnerability exists in the JScript and VBScript scripting engines due to a memory corruption error. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Further information on this exploit is available at : MS11-031