Proactive IT Security

Home > Security Center > Security articles > 2009 > Vulnerability in Microsoft Video ActiveX

Vulnerability in Microsoft Video ActiveX

Print page

RSS FEEDS

Latest Security articles

Latest Blog items

Latest News

Latest Support issues

Current Virus threats

2009-07-07 [Software advisories]

A new vulnerability in Microsoft Video ActiveX Control has been reported.

According to Microsoft's Security Advisory an attacker who successfully exploited this vulnerability in a user's Internet Explorer, might accomplish remote code executionwithout any user intervention.

There are reports that several exploited web sites are serving malicious code exploiting this vulnerability.

More information is available in Microsoft's Security Advisory.

Note in particular that Microsoft has also published a workaround that automatically disables the vulnerable ActiveX Control for systems running Windows XP and Windows Server 2003. More information in Microsoft's Knowledge Base article.

Norman recommends that Microsoft's workaround is implemented on affected systems.