07.13.09
ActiveX Vulnerability/Exploit
There is a security vulnerability that exists in ActiveX that is actively being exploited. This advisory was first made avaialble in early July. This is the first of two exploits in ActiveX so far for the month of July.
What makes this vulnerability/exploit important is that the users PC can be infected by simply clicking on a link in an email or on a web page (dependent on ActiveX settings in the browser.) This can allow a unauthorized user to use your PC for uses that you do not authorize (remote code execution)
- There is a “workaround” that you may want to install to prevent the exploit from occurring
- Please note it removes browser functionality but as far as I know most users do not use this functionality. This will have to be taken on a case by case basis.
- If you are interested in deploying the workaround there is one listed in the “workaround” section http://www.microsoft.com/technet/security/advisory/972890.mspx
- A fix was released for this vulnerability on Tuesday July 14, 2009
- Symantec had this in their sinatures since July 5. Sonicwall also included IPS signatures around that time.
Permalink Comments off