A series of security updates release by Microsoft on March 11th included fixes for a critical security flaw in Internet Explorer 9 and 10 and the next to last updates for Windows XP.
An interesting aspect of this attack is that a Windows anti-exploit feature, Address Space Random Layout (ASRL), was overcome using Adobe’s Flash Action Script which loaded the infected animation into memory.
This is also the next-to-last security update for Windows XP and Office 2003, although nothing related to office was included. The updates include fixes for four vulnerabilities in Windows XP. Refer to the following Microsoft update bulletins for details:
MS14-012: Cumulative Security Update for Internet Explorer (2925418)
MS14-013: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2929961)
MS14-014: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275)
MS14-015: Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
MS14-016: Vulnerability in Silverlight Could Allow Security Feature Bypass (2932677)