This is Microsoft's description of the vulnerability that they are fixing with the new security patch, kindly pointed out to us by Marti earlier today (see link below). I find it kind of weird how the attacker is a her and the victim is a him. Anyone else puzzled, or am I missing something?
"What’s the scope of the first vulnerability?
This vulnerability could enable an attacker to potentially run a program of her choice on the machine of another user. Such a program would be capable of taking any action that the user himself could take on his machine, including adding, changing or deleting data, communicating with web sites, or reformatting the hard drive.
In order for the attacker to successfully attack the user via this vulnerability, she would need to craft a specially formed web page and host the malicious executable on a site that is accessible to the victim, either on the Internet or on their local network. She would then have to force the user to view the web page. She could do this either by enticing the user to go to her site, or by sending the web page as an HTML email. When the web page on the site finished loading, the file could execuate automatically. In the case of an HTML email, when the user opened the mail or viewed it in a preview pane, the file could execute automatically."
#1. "RE: Microsoft gender question." In response to dbahn (Reply # 0)
Modern textwriters in English have been trying to solve this issue, of the proper pronoun to use for general third-person purposes. Some tend to alternate between he and she, him and her, etc. in the same text to show impartiality. I suspect that the Microsoft writer in question took some liberties with that. Maybe the writer was a guy who had a fight with his wife that morning.