Microsoft Video ActiveX Control Vulnerability Exploited in the Wild
Article by George Norman
On 07 Jul 2009
A zero-day vulnerability affecting Microsoft Video ActiveX Control has been discovered in the wild over the last couple of days by several independent security companies. Microsoft has announced that it is aware of the problem and of attacks in the wild attempting to exploit it. To put things in perspective, an attacker who successfully exploits the Microsoft Video ActiveX Control vulnerability could gain the same user rights as the local user. If you are using Internet Explorer to browse the web, the attacker could perform remote code execution with no user intervention.

“We have just posted Microsoft Security Advisory 972890 that discusses new, limited attacks against a Microsoft Video ActiveX Control affecting Windows XP and Windows Server 2003. Specifically, we’re aware of a code execution vulnerability within this control that can enable an attacker to run code as the logged-on user if they browse to a malicious site. We have an investigation into this issue under way as part of our Software Security Incident Response Process (SSIRP) and are working to develop a security update to address the issue,” explained Christopher Budd, on behalf of the Microsoft Security Response Center (MSRC).


According to MSRC Engineering team member Chengyun Chu, there is an attack vector where the user needs only to visit a compromised site to get owned. The user would only have to be convinced to access a malicious web page, or a legitimate web page would have to be compromised; no other interaction is required. Until Microsoft issues a fix, there is only one workaround for this vulnerability: you have to set all kill-bits associated with the vulnerability.

“Kill-bit MPEG2TuneRequest ActiveX Control Object (CLSID 0955AC62-BF2E-4CBA-A2B9-A63F772D46CF) is the workaround we recommend to mitigate the current attack in the wild. During the investigation, we identified that none of the ActiveX Control Objects hosted by msvidctl.dll are meant to be used in IE. Therefore, we recommend to kill-bit all of these controls as a defense-in-depth practice. The side effect is minimal,” explained Chengyun Chu.

The workaround mentioned above can also be applied automatically – just click here.
Microsoft Security Advisory 972890 can be viewed here.
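
For administrators who prefer to apply the kill-bit workaround by hand, the following PowerShell sketch is an added example, not Microsoft's own fix tool or code from the advisory. It assumes the standard Internet Explorer "ActiveX Compatibility" registry location and the documented kill-bit value 0x400; only the CLSID quoted above is listed, and the remaining msvidctl.dll CLSIDs must be taken from Advisory 972890.

```powershell
# Added example: set and verify the IE kill bit. Run from an elevated prompt (writes to HKLM).
$KillBit = 0x400   # "Compatibility Flags" bit that stops IE from instantiating the control
$Clsids  = @(
    '{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}'   # MPEG2TuneRequest, CLSID quoted in the article
    # Append the other msvidctl.dll CLSIDs listed in Advisory 972890 here.
)
$Suffix = 'Microsoft\Internet Explorer\ActiveX Compatibility'
$Roots  = @("HKLM:\SOFTWARE\$Suffix")
# 32-bit IE on 64-bit Windows reads the WOW6432Node view, so cover it when present.
if (Test-Path 'HKLM:\SOFTWARE\WOW6432Node') { $Roots += "HKLM:\SOFTWARE\WOW6432Node\$Suffix" }

function Get-CompatFlags([string]$Key) {
    # Returns 0 when the key or the value does not exist yet.
    $p = Get-ItemProperty -Path $Key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $p) { return 0 }
    return [int]$p.'Compatibility Flags'
}

function Set-KillBit([string]$Key) {
    if (-not (Test-Path $Key)) { New-Item -Path $Key -Force | Out-Null }
    # OR the bit in so any compatibility flags already present are preserved.
    $value = (Get-CompatFlags $Key) -bor $KillBit
    New-ItemProperty -Path $Key -Name 'Compatibility Flags' -PropertyType DWord -Value $value -Force | Out-Null
}

foreach ($root in $Roots) {
    foreach ($clsid in $Clsids) {
        $key = Join-Path $root $clsid
        Set-KillBit $key
        # Read the value back rather than trusting the write.
        $set = ((Get-CompatFlags $key) -band $KillBit) -eq $KillBit
        "{0}  kill bit set: {1}" -f $key, $set
    }
}
```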


