All the latest UK technology news, reviews and analysis

Microsoft warns of new ActiveX security threat

by Shaun Nichols

More from this author

07 Jul 2009

Be the first to comment

  • Tweet this
Microsoft bug
An ActiveX flaw could allow hackers to remotely execute code

Microsoft is warning users to update their systems following the discovery of a new attack targeting an Internet Explorer ActiveX component.

The company said in a security advisory that it has received reports of attacks in the wild targeting a flaw in the Microsoft Video ActiveX control to remotely execute code on targeted systems.

Further reading

ActiveX controls allow Internet Explorer to use external components to load various document and file types, and have been a prime target for attackers looking to remotely install malware on user systems.

The attack code is usually embedded within a web page to allow covert attack and installation.

According to Microsoft, the component itself does not have any legitimate use, and the flaw is believed to exist only in Windows XP and Windows Server 2003 systems. Windows Vista and Server 2008 are not believed to be vulnerable to the attack.

However, Microsoft is advising that users and administrators take action to disable the vulnerable component. The company has posted a support page which offers a script to deactivate the component.

Users can also manually disable the control by setting a killbit to disable the vulnerable component.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Operating Systems

Windows 8 keyboard

Windows 8 gets 29 February preview date

Related white papers

Related articles

Related jobs

Today's top stories

Nokia Lumia 800 and 710

Nokia to axe a further 4,000 jobs as cost-cutting drive continues

RIM BlackBerry Curve 9380 and Bold 9790

RIM beats Apple and Android for apps, says RIM exec

VMware logo

VMware updates vCloud with Integration Manager

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

eCommerce Business Analyst - (North London)

eCommerce Business Analyst - (North London) Permanent...

UI Developer (North London)

UI Developer (North London) Permanent £55,000 - £60...

MS Office 2010 Trainer - Cambridge

MS Office 2010 Trainer - Cambridge My Cambridge based...

Dynamics CRM Technical Consultant

Dynamics CRM consultants (experience of javascript and...

To send to more than one email address, simply separate each address with a comma.