Zero Day

Ryan Naraine and Dancho Danchev

Get Zero Day via:: Mobile; RSS; Email Alerts
Bios:: Ryan’s Bio; Dancho’s Bio

July 6th, 2009

IE users beware: Zero-day attacks hit Microsoft Video ActiveX Control

Posted by Ryan Naraine @ 11:34 am

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Data theft, Exploit code, Malware, Passwords, Patch Watch, Responsible disclosure, Spyware and Adware, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Tags: ActiveX Control, Microsoft Internet Explorer, Microsoft Corp., Zero-day Bug, ActiveX/COM/COM+/DCOM, Web Browsers, Software Development, Software/Web Development, Internet, Ryan Naraine

Malicious hackers are launching code execution exploits against new, unpatched vulnerability in the Microsoft Video ActiveX Control, the company warned in an advisory.

The attacks are currently targeting users of Microsoft’s Internet Explorer browser. “An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention,” Microsoft said.

[ GALLERY: How to use Internet Explorer securely ]

The company said the buggy ActiveX Control can be safely removed without any compatibility issues:

Our investigation has shown that there are no by-design uses for this ActiveX Control in Internet Explorer which includes all of the Class Identifiers within the msvidctl.dll that hosts this ActiveX Control. For Windows XP and Windows Server 2003 customers, Microsoft is recommending removing support for this ActiveX Control within Internet Explorer.

…Though unaffected by this vulnerability, Microsoft is recommending that Windows Vista and Windows Server 2008 customers remove support for this ActiveX Control within Internet Explorer using the same Class Identifiers as a defense-in-depth measure.

Internet Explorer users should pay careful attention to the workarounds section of Microsoft’s advisory and take all necessary precautions.

Microsoft has activated its security incident response process but a patch won’t be ready for at least a few months.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.

Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

Talkback
Most Recent of 64 Talkback(s)

Thread View
Flat View

Firefox can do MicroSquish updates now: For the past few months it seems that FF has been able to go to M$.com (Read the rest); Posted by: Tom6 Posted on: 08/24/09 You are currently: a Guest | Log in | Terms of Use

Zero day attacks gertruded | 07/06/09

Or moving to Vista or Windows Server 2008 ye | 07/06/09

And MS is so confident in your assertion... ejhonda | 07/06/09

Common Sense jdbukis@... | 07/06/09

Re: dvm | 07/06/09

Not quite eMJayy | 07/06/09

Re: dvm | 07/06/09

allowing a site tmsbrdrs | 07/09/09

Do you mean I have to buy... msalzberg | 07/10/09

better mouse trap... Fark | 07/06/09

In this case CobraA1 | 07/06/09

Well... daMan25 | 07/06/09

Riiiiiiight. Firefox has never experienced Zero-Day issues, right? de-void | 07/06/09

Do you know the difference? honeymonster | 07/06/09

Do you know the difference? Timewellwasted | 07/08/09

read and understand before you comment tmsbrdrs | 07/09/09

Don't Assume Someone Else's Knowledge Timewellwasted | 07/11/09

How soon before the fake Fix-It websites spring up? ejhonda | 07/06/09

RE: IE users beware: Zero-day attacks hit Microsoft Video ActiveX Control m_a_simons@... | 07/06/09

"by-design" People | 07/06/09

Microsoft Video was Lerianis10 | 07/06/09

Here's the fix!!!! Heatlesssun1 | 07/06/09

THANKS! Crestview | 07/08/09

Forgot to mention, this is XP ONLY! NStalnecker | 07/06/09

Can we get rid of active-x already? kraterz | 07/06/09

I agree NStalnecker | 07/07/09

Such as? ye | 07/07/09

Wrong... jasonp@... | 07/07/09

No, it is not common knowledge. ye | 07/07/09

You make the mistake of arguing with him. TripleII | 07/07/09

You do realise that... zkiwi | 07/07/09

This proves Active-X is a problem exactly how? ye | 07/07/09

Because... zkiwi | 07/07/09

And I think there are reports that... zkiwi | 07/07/09

@zkiwi: This proves Active-X is a problem exactly how? ye | 07/08/09

@zkiwi: I did see that. And it's completely unacceptable. ye | 07/08/09

Your denial is even deeper than I thought... Wintel BSOD | 07/08/09

easier elevation via ActiveX kaninelupus | 07/09/09

I agree. GuidingLight | 07/07/09

Don't know what happen to my post. osreinstall | 07/07/09

Cannot Trust IE, Firefox, or any App eiverson@... | 07/07/09

trust is not unconditional shis-ka-bob | 07/11/09

Zero-day attacks skris88@... | 07/07/09

I'd add that Linux... zkiwi | 07/07/09

Anything can be attacked... Wintel BSOD | 07/08/09

It? zkiwi | 07/08/09

Well... Wintel BSOD | 07/08/09

80 some attempts rbees | 07/08/09

Be careful... zkiwi | 07/08/09

Well... Wintel BSOD | 07/09/09

RE: Well... Mew-shew | 07/09/09

LOL... @Chew-shew Wintel BSOD | 07/10/09

RE: IE users beware: Zero-day attacks hit Microsoft Video ActiveX Control eiverson@... | 07/08/09

So where are all the Windoze shills? Wintel BSOD | 07/08/09

They would be here ... john_gillespie@... | 07/08/09

Oh buzzzzzzz off!! kaninelupus | 07/09/09

Active X john_gillespie@... | 07/08/09

RE: IE users beware: Zero-day attacks hit Microsoft Video ActiveX Control Timewellwasted | 07/08/09

Concisely stated eiverson@... | 07/10/09

ActiveX still insecure and yet still used by banks etc? Tom6 | 07/08/09

Mitigating ActiveX Risks eiverson@... | 07/10/09

So much yappin about IE security. Does anyone USE IE anymore? No More Microsoft Software Ever! | 07/10/09

RE: IE users beware: Zero-day attacks hit Microsoft Video ActiveX Control LeMike | 07/29/09

Firefox can do MicroSquish updates now Tom6 | 08/24/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Unlocking Hidden Value from Investments in SAP NetWeaver Business Warehouse IBM Find out how IBM Cognos 8 software and solutions can drive maximum value from your current investment in SAP NetWeaver Business Warehouse. Download Now
Connecting to Better Customer Service Qwest Communications Build a robust voice and data network infrastructure, and transform customer information and feedback into actionable results. Download Now
Planning Activation in Isolated Environments Microsoft This guide is for IT pros maintaining the Windows? 7 and Windows Server? ... Download Now

Blogs From Our Sponsors

Top Rated

And the most popular password is...+34 votes
Microsoft readies emergency IE patch to counter public exploits+33 votes
Report: 48% of 22 million scanned computers infected with malware+32 votes
Microsoft says Google was hacked with IE zero-day+31 votes
Microsoft confirms 17-year-old Windows vulnerability+31 votes
MS Patch Tuesday heads-up: 13 bulletins, 26 vulnerabilities+26 votes
Bogus IQ test with destructive payload in the wild+22 votes
Haiti earthquake themed blackhat SEO campaigns serving scareware+21 votes

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Qwest Network Services for Healthcare Providers Qwest Communications Demands for improved quality care and increased satisfaction require a ... Download Now
The Journey Along an Information-Led Transformation IBM Corp. The cost of embedding information technology into every device we ... Download Now
Volume Activation Planning Guide Microsoft Volume Activation helps Volume Licensing customers automate and manage the ... Download Now

SmartPlanet

Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
More from IBM
How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
Linking Decisions and Information for Organizational Performance Read the Tom Davenport study

Zero Day

Ryan Naraine and Dancho Danchev

July 6th, 2009

IE users beware: Zero-day attacks hit Microsoft Video ActiveX Control

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Archives

Favorite Links

41

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads

Zero Day

Ryan Naraine and Dancho Danchev

July 6th, 2009

IE users beware: Zero-day attacks hit Microsoft Video ActiveX Control

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Keep up with ZDNet

Archives

Favorite Links

41

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads