|
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Yet Another Internet Explorer/ActiveX 0day
Posted on July 7th, 2009 at 18:41 6 commentsIf you use Internet Explorer 6 or 7 on Windows XP, you can get infected by simply visiting a Web site, thanks to another bad hole in a Microsoft ActiveX control known as the Video ActiveX control.
Those using IE 8 or Vista apparently aren’t affected.
The Video Control is “the main component that Microsoft Windows Media Center uses to build filter graphs for recording and playing television video.”
As far as I can tell, the problem was first identified way back in 2007 by Hustle Labs. The Common Vulnerabilities and Exposures identification number CVE 2008-0015, which Microsoft uses to describe the hole, links to a vulnerability first reserved in December, 2007.
The solution? You can run Microsoft’s Fixit patch, described in Security Advisory 972890.
Or you can surf with Firefox, Chrome, or anything but Internet Explorer.
Sound familiar?
No idea when MS will come up with a permanent solution.
Support AskWoody.com
Click on this list to get
Woody ’s books at Amazon.com
- Windows 7 All-In-One For Dummies
- Green Home Computing For Dummies
- Windows Vista All-In-One Desk Reference For Dummies
- Windows Vista Timesaving Techniques For Dummies
- Windows XP All-In-One Desk Reference For Dummies
- Windows XP Timesaving Techniques For Dummies
- Windows XP Hacks & Mods For Dummies
- Windows Home Server For Dummies
- Special Edition Using MS Office 2007
- Special Edition Using MS Office Home & Student 2007
- Special Edition Using MS Office 2003
- Office 2003 Timesaving Techniques For Dummies
- Special Edition Using MS Office 2003, Student-Teacher Edition)