Vulnerabilities / Threats
7/7/2009
01:55 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Microsoft Warns Of 'Browse-And-Get-Owned' Attack

Attacks have been reported that attempt to exploit an unpatched vulnerability in Microsoft's Video ActiveX Control.

Microsoft on Monday issued a security advisory about a zero-day vulnerability in the Microsoft Video ActiveX Control. The flaw could allow a remote unauthenticated attacker to execute malicious code on computers running Windows XP and Windows 2003 Server.

"A browse-and-get-owned attack vector exists," acknowledged Microsoft security engineer Chengyun Chu on the company's Security Research & Defense blog. "A user needs to be lured to navigate to a malicious Web site or a compromised legitimate Web site to be affected. No further user interaction is needed."

And legitimate Web sites may be compromised merely by hosting content submitted by users. Such content or advertisements could be crafted to exploit the Video ActiveX Control vulnerability.

Chu notes that Outlook Express and Outlook will open HTML e-mail messages in the Restricted sites zone by default. This prevents ActiveX controls from being used when reading those messages. However, clicking on a link in such a message could still initiate a browser-based attack.

The specific vulnerable file is Microsoft's MPEG2TuneRequest ActiveX Control Object. The company recommends setting the kill-bit on this ActiveX object as a workaround until a patch is released.

Microsoft provides a link on its Security Research & Defense blog that will disable the vulnerable ActiveX control.

In February, Microsoft issued a security advisory about a zero-day Excel 2007 vulnerability. It issued a fix for the flaw during its April patch cycle.

In June, Microsoft issued set of software patches that addressed 31 vulnerabilities in 10 separate security bulletins, the largest number of vulnerabilities fixed in a single day since the company began issuing regular patches on the second Tuesday of every month in October 2003.

Microsoft plans to release its July patches next Tuesday. It's unlikely the company will have had enough time to prepare a patch for the Video ActiveX control vulnerability.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas and her guest, David Shearer, (ISC)2 Chief Executive Officer, as they discuss issues that keep IT security professionals up at night, including results from the recent 2016 Black Hat Attendee Survey.