Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for the following web based, client-side vulnerability included in the March 2012 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections as necessary.
MS12-022 – Vulnerability in Expression Design Could Allow Remote Code Execution (2651018)
- Microsoft Expression Design
CVE-2012-0016 - Expression Design Insecure Library Loading Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Expression Design handles the loading of DLL files.