Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Microsoft Video ActiveX Control Zero-Day exploit: CCIP says take action immediately to mitigate vulnerability
Posted on 8-Jul-2009 09:02 by Juha. | Tags Filed under: News.



The New Zealand government Centre for Critical Infrastructyre Protection would like to bring people's attention to the Microsoft Security Advisory 972890 that was released July7.

Microsoft have announced a vulnerability in Microsoft Video ActiveX Control that allows remote code execution. This is reported to affect versions of Windows XP and Window Server 2003.

CCIP is bringing this to your attention as this vulnerability has been reported as being actively exploited in the wild.

MITIGATION

Administrators are advised to take the following mitigation steps immediately.

There is currently no patch to correct this issue. However you can set the kill-bit to mitigate this vulnerability.

Microsoft have provided a way to automatically implement the workaround by following the instructions under "Fix It For Me" in the following Knowledge Base article: http://support.microsoft.com/kb/972890

Alternatively the following quoted text can be included in a .REG file and imported into your registry.

---BEGIN QUOTE---
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX
Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
"Compatibility Flags"=dword:00000400
---END QUOTE---

Please note that in addition to the class identifier listed in the above example there is a full list of class identifiers in the
Suggested Actions-->Workarounds section of the Microsoft Advisory: http://www.microsoft.com/technet/security/advisory/972890.mspx

It is recommended that all of them are implemented.

There is also a writeup on Microsoft's Security Response Centre Blog.



comments powered by Disqus




Trending now »

Hot discussions in our forums right now:

Good riddance to Obama and his drones. Pakistani villagers will be saying the same.
Created by amiga500, last reply by DarthKermit on 22-Jan-2017 04:44 (88 replies)
Pages... 4 5 6


The President Of The USA: Donald Trump
Created by TimA, last reply by frankv on 22-Jan-2017 08:33 (1831 replies)
Pages... 121 122 123


Xtra email no longer receives on Outlook 2003 / Outlook 2011 for MAC
Created by lNomNoml, last reply by hio77 on 21-Jan-2017 22:59 (41 replies)
Pages... 2 3


$1160 for a car battery??!!
Created by jonathan18, last reply by k1w1k1d on 21-Jan-2017 17:11 (56 replies)
Pages... 2 3 4


Lost Mp3 collection, how to rebuild on the cheap (legally)?
Created by TeaLeaf, last reply by kickintheeye on 18-Jan-2017 23:05 (18 replies)
Pages... 2


New Ford Mustang or Holden Commodore or alternatives
Created by MikeB4, last reply by driller2000 on 21-Jan-2017 12:39 (63 replies)
Pages... 3 4 5


Upsize my American houses to McMansion value deal.
Created by kingdragonfly, last reply by richms on 18-Jan-2017 15:48 (14 replies)

Spec check on laptop for GoPro editing please
Created by martyyn, last reply by richms on 20-Jan-2017 17:23 (13 replies)