PDA

View Full Version : Internet explorer vulnerability ambushed.



Plastic Nev
12-07-2009, 06:21 PM
Ok this is now a week old, sorry for not finding it earlier.

Windows users ambushed by attack on fresh IE flaw.

more here-

Windows users ambushed by attack on fresh IE flaw ? The Register (http://www.theregister.co.uk/2009/07/06/new_microsoft_exploit_in_wild/)

However Microsoft have issued a work round that is in two parts, one for an earlier discovered hack on similar lines to the latest one, plus a work round for the latest discovered hack.
They are here-

Microsoft Security Advisory: Vulnerability in Microsoft DirectShow could allow remote code execution (http://support.microsoft.com/kb/971778)

and here-

Microsoft Security Advisory: Vulnerability in Microsoft Video ActiveX control could allow remote code execution (http://support.microsoft.com/kb/972890)

The latest news is that a security patch will be issued for the first in the normal Tuesday updates on the 14th July, with a fix to be issued for the second at a later date.

If you implement these work rounds please delete or undo them before downloading and installing the patches.

These problems only apply to activeX controls within Internet explorer, so if like me you use Firefox or other browser you are likely to be unaffected.
Nev.