Microsoft warns of ActiveX attack found in the wild

Attack is occurring in the wild against Video ActiveX Control in IE on XP and Windows Server 2003

Microsoft today issued a warning about an attack that is occurring in the wild against its Video ActiveX Control in Internet Explorer running on XP and Windows Server 2003. (Vista and Windows Server 2008 are not affected.) The company has not rated this vulnerability, although it has some of the earmarks of a critical hole, in that an attacker could gain the same rights as a user, execute code and do so without a user's interaction. At the same time, the company is downplaying the seriousness of the attack because it is easily mitigated and the default security settings of Internet Explorer also restrict a hacker's ability to take advantage of it.

According to Microsoft:

"The primary workaround is to turn off the Video ActiveX Control from running in Internet Explorer. The Microsoft Video Control object is a Microsoft ActiveX control that connects Microsoft DirectShow filters for use in capturing, recording, and playing video. It is the main component that Microsoft Windows Media Center uses to build filter graphs for recording and playing television video. When the ActiveX control is used in Internet Explorer, the control may corrupt the system state in such a way that an attacker could run arbitrary code"

Microsoft says it is working on a patch. Full information about the ActiveX security hole is outlines in Microsoft Security Advisory (972890)

Visit the Microsoft Subnet web site for more news, blogs, podcasts. Subscribe to all Microsoft Subnet bloggers. Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.)

Follow Microsoft Subnet on Twitter

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT