Microsoft Video ActiveX Control remote vulnerability (PC1-2009-1716)

Overview

Vulnerability chart

A vulnerability was found in the Microsoft Video ActiveX Control. It is not patched yet and is being used in attacks.
Remote Access
Patch availability: No, there is no patch
Patch implementation: unknown

Patch availability checked on 2009-07-07

References to Advisories, Solutions, and Tools

Description:

Microsoft has issued Security Advisory (972890) to report attacks on a vulnerability in the Microsoft Video ActiveX control. Because no fix is currently available for this vulnerability, users are asked to see the Security Advisory and US-CERT Vulnerability Note VU#180513 for workarounds.

Impact:

By exploiting this vulnerability, a remote, unauthenticated attacker could execute arbitrary code with the privileges of the victim user.

Solution:

Users affected by this vulnerability are advised to apply workarounds. Microsoft has offered workarounds for this vulnerability in Security Advisory (972890). Additional details and workarounds are given in US-CERT Vulnerability Note VU#180513. The most effective workaround for this vulnerability is to set kill bits for the Microsoft Video ActiveX control, as specified in the documents mentioned above. Other workarounds include disabling ActiveX, as explained in the Securing Your Web Browser document, and upgrading to Internet Explorer 7 or later, which could help to mitigate the vulnerability with its ActiveX opt-in feature.
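One way to audit and apply the kill-bit workaround described above, as an added example that is not part of the original page or Microsoft's own tooling. The CLSID is a placeholder, because this page does not list the control's class identifiers (take them from Security Advisory 972890), and the function names are hypothetical.

```powershell
# Added example. The kill bit is bit 0x400 of the DWORD "Compatibility Flags" under
# HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}.
$KillBit = 0x400

# PLACEHOLDER value: replace with the class identifiers listed in Security Advisory 972890.
$Clsids = @('{00000000-0000-0000-0000-000000000000}')

# 64-bit Windows keeps a second registry view that 32-bit Internet Explorer reads.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Get-CompatFlags([string]$KeyPath) {
    # Returns 0 when the key or the value does not exist.
    $p = Get-ItemProperty -Path $KeyPath -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $p) { return 0 }
    return [long]$p.'Compatibility Flags'
}

function Set-KillBit([string]$Clsid, [switch]$AuditOnly) {
    foreach ($root in $Roots) {
        if (-not (Test-Path -Path $root)) { continue }   # view absent on 32-bit Windows
        $key   = Join-Path $root $Clsid
        $flags = Get-CompatFlags $key
        $isSet = ($flags -band $KillBit) -ne 0
        if (-not $isSet -and -not $AuditOnly) {
            if (-not (Test-Path -Path $key)) { New-Item -Path $key -Force | Out-Null }
            # OR the bit in so that other compatibility flags already present are preserved.
            New-ItemProperty -Path $key -Name 'Compatibility Flags' -PropertyType DWord `
                -Value ($flags -bor $KillBit) -Force | Out-Null
            # Read the value back instead of assuming the write succeeded.
            $isSet = ((Get-CompatFlags $key) -band $KillBit) -ne 0
        }
        New-Object PSObject -Property @{ Clsid = $Clsid; Key = $key; KillBitSet = $isSet }
    }
}

# Report only; drop -AuditOnly to write the kill bit.
$Clsids | ForEach-Object { Set-KillBit $_ -AuditOnly } | Format-Table Clsid, KillBitSet, Key -AutoSize
```

Writing under HKLM requires an elevated prompt; the audit pass does not.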

References:
http://www.kb.cert.org/vuls/id/180513
http://www.microsoft.com/technet/security/advisory/972890.mspx
http://www.us-cert.gov/reading_room/securing_browser/

Security Bulletin Information

Release Date: July 06, 2009
Systems Affected:
  • Microsoft Windows XP
    Risk level: Severe
    116 vulnerabilities found between 20 December, 2001 and 24 September, 2009.
  • Microsoft Windows Server 2003
    Risk level: Severe
    73 vulnerabilities found between 10 July, 2003 and 14 July, 2009.
