Ie Users Beware

[bazmlb]

Malicious hackers are launching code execution exploits against new, unpatched vulnerability in the Microsoft Video ActiveX Control, the company warned in an advisory.

The attacks are currently targeting users of Microsoft’s Internet Explorer browser. “An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention,” Microsoft said.

http://blogs.zdnet.com/security/?p=3703

[stumonster]

are they telling us that IE ships with some activeX plugins installed and switched on by default ?

even the article is very light on detail

[neverdie]

Though unaffected by this vulnerability, Microsoft is recommending that Windows Vista and Windows Server 2008 customers remove support for this ActiveX Control within Internet Explorer using the same Class Identifiers as a defense-in-depth measure

So how do you do this?

[webfact]

a STRONG & POWERFUL firewall i.e. Online Armor will protect!

Edited July 7, 2009 by webfact

[neverdie]

Thanks Webfact, I have one of those

[sjaak327]

In case of Windows Vista and Server 2008, this precaution isn't strictly necessary, as those two OS's are not affected by this thread, I assume the same applies to Windows 7.

In any case refer to http://www.microsoft.com/technet/security/...ory/972890.mspx for more information.