Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Microsoft Security Advisory (972890) - Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution QUOTE Microsoft is investigating a privately reported vulnerability in Microsoft Video ActiveX Control. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention. We are aware of attacks attempting to exploit the vulnerability. Our investigation has shown that there are no by-design uses for this ActiveX Control in Internet Explorer which includes all of the Class Identifiers within the msvidctl.dll that hosts this ActiveX Control. For Windows XP and Windows Server 2003 customers, Microsoft is recommending removing support for this ActiveX Control within Internet Explorer using all the Class Identifiers listed in the Workaround section. Though unaffected by this vulnerability, Microsoft is recommending that Windows Vista and Windows Server 2008 customers remove support for this ActiveX Control within Internet Explorer using the same Class Identifiers as a defense-in-depth measure. Customers may prevent the Microsoft Video ActiveX Control from running in Internet Explorer, either manually using the instructions in the Workaround section or automatically using the solution found in Microsoft Knowledge Base Article 972890. By preventing the Microsoft Video ActiveX Control from running in Internet Explorer, there is no impact to application compatibility. Microsoft offers a Fixit that will automate the above workaround and a Fixit that will undo the workaround. Since there is no legitimate use of the above ActiveX control, it is highly recommended that the Fixit be employed.
|
Last entries
Part 2: .NET Confusion: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update
Fix for the repeated offering of KB971486 in Windows XP Phishing Phone Calls - " Your computer has a virus " Sun Java: DROP PREchecked non-security content from your runtime SECURITY updates !!! Apple Secruity Update for iTunes/QuickTime Pushes Safari Hey, Software "Vendors", Stop installing FLUFF with your security updates !!! Microsoft Security Advisory (972890): Vulnerability in Microsoft Video ActiveX control could allow remote code execution Vote for Kung Fu Panda !! Possible workaround for the reoffering of KB967715 issue A Very Funny List of Windows 7 Editions My Blog Links
Last Comments
MowGreen on Apple Secruity Update for iTunes/QuickTime Pushes Safari
Asianjade on Apple Secruity Update for iTunes/QuickTime Pushes Safari KonamiYoto on Apple Secruity Update for iTunes/QuickTime Pushes Safari MowGreen on Apple Secruity Update for iTunes/QuickTime Pushes Safari KonamiYoto on Apple Secruity Update for iTunes/QuickTime Pushes Safari MowGreen on Vista Kb938194 Appears To Install And Is Then Reoffered no one on Skype Says " Your Os Ate My P2p " |
Jul 6 2009, 02:17 PM
Powered By IP.Blog
© 2010 IPS, Inc.