US-CERT Current Activity - Public Exploit Code for Microsoft WebViewFolderIcon ActiveX Control Vulnerability

Wednesday, September 27, 2006 4:51 PM cmosby

US-CERT Current Activity - Public Exploit Code for Microsoft WebViewFolderIcon ActiveX Control Vulnerability

Public Exploit Code for Microsoft WebViewFolderIcon ActiveX Control Vulnerability
added September 27, 2006
We are aware of publicly available exploit code for a new, unpatched vulnerability in Microsoft Internet Explorer. The exploit code targets a vulnerability in the Microsoft WebViewFolderIcon ActiveX control.

More information about this vulnerability can be found in the following:

Vulnerability Note VU#753044 - Microsoft Windows WebViewFolderIcon ActiveX integer overflow

Until an update, patch, or more information becomes available, we strongly recommend the following:

Disable ActiveX as specified in the Securing Your Web Browser document and the Malicious Web Scripts FAQ.

Do not follow unsolicited links.

Review the steps described in Microsoft's document to improve the safety of your browser.

We will continue to monitor this issue and provide additional information as it becomes available.

http://www.us-cert.gov/current/

Filed under: Security and Anti-Virus, Browser Wars, Internet Explorer

Comments

# myITforum Daily Newsletter; September 28, 2006

Thursday, September 28, 2006 9:18 AM by myITforum Newsletters

myITforum Daily Newsletter Daily Newsletter September 28, 2006 The myITforum.com newsletter is delivered

Chris Mosby at myITforum.com

Search

Tags

News

Unique Visitors

Navigation

Archives

Microsoft Links

SMS Links

Great Blogs

My Links

Security Links

Anti-Virus Links

Things I Have Done or I Am Involved In

Published Works

US-CERT Current Activity - Public Exploit Code for Microsoft WebViewFolderIcon ActiveX Control Vulnerability

Public Exploit Code for Microsoft WebViewFolderIcon ActiveX Control Vulnerability

Comments

# myITforum Daily Newsletter; September 28, 2006