07 November 2006
Another Critical Vulnerability in IE and Windows
Windows 2000, XP, Server 2003 (including SP1) may be vulnerable to a zero-day vulnerability in the XMLHTML 4.0 ActiveX Control.
Currently attacks have been found using all versions of Internet Explorer (IE) to run code remotely. Banner Advertisements and methods of distributing web content can be dangerous according to Microsoft.
Microsoft has advised users set the registry's kill bit for the ActiveX control or setup IE to provide a prompt before running any ActiveX Control.
More information including suggested workarounds from Microsoft can be found in Microsoft's security advisory.
Currently attacks have been found using all versions of Internet Explorer (IE) to run code remotely. Banner Advertisements and methods of distributing web content can be dangerous according to Microsoft.
Microsoft has advised users set the registry's kill bit for the ActiveX control or setup IE to provide a prompt before running any ActiveX Control.
More information including suggested workarounds from Microsoft can be found in Microsoft's security advisory.
Labels: IE, microsoft, vulnerability, windows
