blog web hosting internet

Green Web Hosting

09.02.10
7 Tools You Should Be Using For Better Web Designs #webdesign http://is.gd/7Zp0Q
02.02.10
How to Win Clients When You’re the Underdog http://is.gd/7AVU5
02.02.10
30 Irreplaceable Chrome Extensions http://is.gd/7yWnk
02.02.10
18 Unique Uses of #WordPress and the Plugin or Theme Used http://is.gd/7yVo7
02.02.10
12 Tips on Creating Content for Social Media http://is.gd/7yTeE
02.02.10
25 Fresh, Clean and Unique #Wordpress Themes http://is.gd/7ySFe
02.02.10
29 Resources for #Freelance Designers Operating on a Tight Budget http://is.gd/7yStu
02.02.10
40 Inspiring Single Page Websites #webdesign http://is.gd/7yRRM
02.02.10
Silverback - Guerrilla Usability Testing #webdesign http://is.gd/7yRIK
02.02.10
Top Articles On The #WebDesign Billboard In January’10 http://is.gd/7yR32
02.02.10
10 Great Tips for Using #Twitter as a Designer #webdesign http://is.gd/7ykEN
02.02.10
20 Different and Beautiful Icon Sets #webdesign http://is.gd/7yjJA
02.02.10
Why a #CMS Is Not Always The Best Choice #webdesign http://is.gd/7yfN6
02.02.10
#WordPress: Tips, Hacks and Extras http://is.gd/7ydCr
02.02.10
Rich-Text Editors for 2010 #webdesign http://is.gd/7ydxD
02.02.10
Color Theory For Designers, Part 2: Understanding Concepts And Terminology #webdesign http://is.gd/7yaJl
02.02.10
15 More Really Fun Online Photo Editing Websites #webdesign http://is.gd/7yadt
02.02.10
37 Inspirational and Detailed #Wordpress Theme Design Tutorials #webdesign http://is.gd/7y9O0
01.02.10
Congresssional #Joomla Web Defacements http://is.gd/7we1B
01.02.10
31 Rare #Wordpress Themes #webdesign http://is.gd/7w8cC
Microsoft Video ActiveX Control Vulnerability PDF Print E-mail
Blog - Security
Monday, 06 July 2009 20:40

National Cyber Alert System

Technical Cyber Security Alert TA09-187A

Microsoft Video ActiveX Control Vulnerability

 

 

Original release date: July 06, 2009

Source: US-CERT

Systems Affected

* Microsoft Windows XP

* Microsoft Windows Server 2003

 

Overview

 

An unpatched vulnerability in the Microsoft Video ActiveX control

is being used in attacks.

 

 

I. Description

 

Microsoft has released Security Advisory (972890) to describe

attacks on a vulnerability in the Microsoft Video ActiveX control.

Because no fix is currently available for this vulnerability,

please see the Security Advisory and US-CERT Vulnerability Note

VU#180513 for workarounds.

 

 

II. Impact

 

A remote, unauthenticated attacker could execute arbitrary code

with the privileges of the victim user.

 

 

III. Solution

 

Apply workarounds

Microsoft has provided workarounds for this vulnerability in

Security Advisory (972890). Additional details and workarounds are

provided in US-CERT Vulnerability Note VU#180513.

The most effective workaround for this vulnerability is to set kill

bits for the Microsoft Video ActiveX control, as outlined in the

documents noted above. Other workarounds include disabling

ActiveX, as specified in the Securing Your Web Browser document,

and upgrading to Internet Explorer 7 or later, which can help

mitigate the vulnerability with its ActiveX opt-in feature.

 

IV. References

 

* US-CERT Vulnerability Note VU#180513 -

<http://www.kb.cert.org/vuls/id/180513>

 

* Microsoft Security Advisory (972890) -

<http://www.microsoft.com/technet/security/advisory/972890.mspx>

 

* Securing Your Web Browser -

<http://www.us-cert.gov/reading_room/securing_browser/>

 

 
 

Disclosure: Content posted to this site is in no way an endorsement for a product or service and may result in compensation from the vendor. Some content contained in this site is syndicated content.