All the latest UK technology news, reviews and analysis
|
|
|
02 Nov 2006
Microsoft has issued a security warning about an unpatched vulnerability in its Visual Studio 2005 developer tool.
Attackers are actively exploiting the flaw, which allows code execution without any user interaction. Security vendor Secunia has given the flaw its most severe security rating of 'extremely critical'.
The flaw can be exploited through a specially crafted webpage. When a user visits the site, the attacker can install and execute malware.
The vulnerability lies within a component of Microsoft's ActiveX software called WMI Object Broker Control. ActiveX is commonly used by Internet Explorer to work with data from other applications such as media players or image viewers.
Microsoft said in a security bulletin that it is investigating the issue. The company has not ruled out issuing a fix outside of its monthly patch schedule if necessary.
Microsoft said that only users who have approved the component through the ActiveX Opt-in feature will be vulnerable to the attack. The company warned users against following unsolicited or suspicious links.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Support Analyst x 1/2 Skills: Apple Mac OSX, Windows...
Network Consultant - London - 55-65k My client are...
A leading global provider of critical information to...
Playstations and table football in the kitchen? Standard...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?