Tue, Jul 14, 2009
Another Exploited ActiveX Vulnerability in Windows web browsers; workaround available
Another security vulnerability in Microsoft ActiveX for Internet Explorer
has been reported by Microsoft, and is being actively exploited. This
vulnerability exploits a flaw in a Microsoft Office Web Component ActiveX
control, and allows an attacker to create a malicious web page
which, when browsed by a Windows-based web browser, will run
commands of the attacker's choosing on the browsing machine.
While a fix is not yet available, Microsoft has published a
workaround that (temporarily) disables the vulnerable ActiveX
control(s). This workaround is available from Microsoft at http://support.microsoft.com/default.aspx/kb/973472.
For more information, see
http://www.microsoft.com/technet/security/advisory/973472.mspx.
To be emailed any new alerts as they appear, or to cease being emailed such alerts, send email to securityalerts-request@cs.
![[Valid HTML 4.01 Transitional]](/support/security/valid-html401-blue.png){kind=small}
![[Valid RSS]](/support/security/valid-rss.png)
![[Valid Atom]](/support/security/valid-atom.png)