BleepingComputer.com: Visual Studio 2005 Vulnerability And Exploit In-the-wild

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Visual Studio 2005 Vulnerability And Exploit In-the-wild

#1 User is offline   harrywaldron 

  • Security Reporter
  • PipPipPipPip
  • Find Topics
  • Group: Members
  • Posts: 509
  • Joined: 10-April 04
  • Gender:Male
  • Location:Roanoke, Virginia

  Posted 01 November 2006 - 09:43 AM

Microsoft has issued an advisory and offers workarounds and mitigation advice.

Visual Studio 2005 vulnerability and exploit in-the-wild
http://www.microsoft.com/technet/security/...ory/927709.mspx

Microsoft Visual Studio WMI Object Broker ActiveX Control Code Execution
http://secunia.com/advisories/22603/
http://www.frsirt.com/english/advisories/2006/4282

Quote

A vulnerability has been reported in Microsoft Visual Studio, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error in the WMI Object Broker ActiveX Control (WmiScriptUtils.dll). Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website using Internet Explorer. The vulnerability is reported in Microsoft Visual Studio 2005.

NOTE: The vulnerability is already being actively exploited.

Microsoft Security Journal

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users