Sponsored Links

Microsoft Video ActiveX Vulnerability

Bob2002

ULTIMATE Member
Microsoft Security Advisory (972890)

Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution


Microsoft is investigating a privately reported vulnerability in Microsoft Video ActiveX Control. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention.

We are aware of attacks attempting to exploit the vulnerability.

Our investigation has shown that there are no by-design uses for this ActiveX Control in Internet Explorer which includes all of the Class Identifiers within the msvidctl.dll that hosts this ActiveX Control. For Windows XP and Windows Server 2003 customers, Microsoft is recommending removing support for this ActiveX Control within Internet Explorer using all the Class Identifiers listed in the Workaround section. Though unaffected by this vulnerability, Microsoft is recommending that Windows Vista and Windows Server 2008 customers remove support for this ActiveX Control within Internet Explorer using the same Class Identifiers as a defense-in-depth measure.

http://www.microsoft.com/technet/security/advisory/972890.mspx

Click the following link to execute Microsoft's "workaround" - http://support.microsoft.com/kb/972890


:hrmph:
 
This statement sums the whole thing up
Our investigation has shown that there are no by-design uses for this ActiveX Control in Internet Explorer which includes all of the Class Identifiers within the msvidctl.dll that hosts this ActiveX Control

I also assume Vista and 2008 and widows 7 will also have issues if IE isn't running in restricted mode, hence why they ask you to remove it.
 
this is why l love using firefox... plan on updating to the new version soon tho that depends on if the makers of my favorite addons pull their fingers out of their behinds to updated them.
 
Sponsored Links
We won't get IE8 in Windows7 EU, so remember to have that copy of Firefox, Opera, Chrome or Safari on a disc or flash drive and ready to install :) .
 
I wouldn't be surprised to see retailers bundling free Firefox/Opera/etc CDs with copies of Windows 7. :hrmph:
 
Annoying because I build my own stuff so it's just another hassle to work around.
 
Why cannot M$ produce a secure OS? Surely after creating OS's for a long time now, you would think they might have learned something about how to make an OS with less holes in it, other than throwing fancy looking graphics at the same flawed design. Mac OS is far more secure, same goes for Linux. Either M$ are incapable of creating something that is more secure, or they do it on purpose, for what ever reason. So either Apple and Linux creators know how to make an OS secure, or nobody bothers attacking them, so they appear more secure.

Of course, no OS can be invulnerable, if man made it, it will have flaws. M$ seem to have the idea, that to catch water a seive would be a good idea.
 
Sponsored Links
Mac OS and Linux have some Unix heritage to draw on, while Windows has ploughed its own furrow from Dave Cutler's NT. To be fair to Windows the modern version has a number of features that are supposed to make it harder to code exploits than OS X - at least that's what professional hackers have said. :shrug:
 
Top
Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £24.00 - 26.00
150Mbps
Gift: None
NOW UK ISP Logo
NOW £24.00
100Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £25.99
145Mbps
Gift: £50 Reward Card
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
200Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Youfibre UK ISP Logo
Youfibre £23.99
150Mbps
Gift: None
Large Availability | View All
Sponsored Links
The Top 15 Category Tags
  1. FTTP (6026)
  2. BT (3639)
  3. Politics (2721)
  4. Business (2439)
  5. Openreach (2405)
  6. Building Digital UK (2330)
  7. Mobile Broadband (2146)
  8. FTTC (2083)
  9. Statistics (1901)
  10. 4G (1816)
  11. Virgin Media (1764)
  12. Ofcom Regulation (1582)
  13. Fibre Optic (1467)
  14. Wireless Internet (1462)
  15. 5G (1407)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules