Microsoft has pushed out an alert which addresses previously unknown vulnerabilities in Internet Explorer. While you won’t see a patch for this issue today, Microsoft has released mitigation instructions to help correct the vulnerability that is seeing limited targeted attacks.
Microsoft issues warning over recently discovered ActiveX flaw in Internet Explorer. (IMG:J.Anderson)
Microsoft Security Advisory 955179, covers an ActiveX vulnerability that will allow remote code execution if exploited. The ActiveX control for the Snapshot Viewer for Microsoft Access is seeing, “active, targeted attacks leveraging” according to the Redmond, Washington giant.
The ActiveX control for the Snapshot Viewer for Microsoft Access enables you to view an Access report snapshot without having the standard or run-time versions of Microsoft Office Access. The vulnerability only affects the ActiveX control that shipped with all supported versions of Microsoft Office Access, except for Microsoft Office Access 2007. The ActiveX control is also shipped with the standalone Snapshot Viewer.
To mitigate, but not completely fix the issue, Microsoft offers a few steps. “You can disable attempts to instantiate a COM object in Internet Explorer by setting the kill bit for the control in the registry,” Microsoft said. The kill bits are below.
F0E42D50-368C-11D0-AD81-00A0C90DC8D9F0E42D60-368C-11D0-AD81-00A0C90DC8D9F2175210-368C-11D0-AD81-00A0C90DC8D9
There are also mitigation steps that don’t involve messing with the registry. One option is to set the security level to High in the Internet Zone of Internet Explorer. You can disable JavaScript as well, but that will also dump JavaScript from being used on others sites, causing most of them to fail to work properly.
More information is here:http://www.microsoft.com/technet/security/advisory/955179.mspx
There are currently no comments for this article. Be the first to comment! (no registration required)
Advertising
There are currently no comments for this article. Be the first to comment! (no registration required)