ActiveX control exploit could allow attacker to gain control of computer

By on

Microsoft has released a security advisory about a new vulnerability that could allow a remote user to gain access and control a user’s computer if the user visits a malicious website with code that exploits the new security hole using Internet Explorer (typical).

The flaw is found within the Microsoft Video ActiveX Control, and is limited to Windows XP and Windows Server 2003. The control connects to Microsoft DirectShow filters for users to capture, record and play video; and is the main component used for Windows Media Center.

In IE, the control can corrupt the system in such a way that code can be run by an attacker remotely; as well, take over the computer itself, if the user logged in has administrative rights. It seems to only affect Internet Explorer 6 and 7, with the latest version – Internet Explorer 8 – immune from the threat.

Microsoft has suggested to disable the ActiveX control, and has released a way to disable it for Windows XP and Windows Server 2003. Users with Windows Vista and Windows Server 2008, though not vulnerable to the exploit, are asked to download the workaround. An option to disable the workaround has also been released.

According to Symantec, the exploit has been reported mainly in China and other parts of Asia, with cited reports saying that thousands of websites are hosting the exploit.