New IE exploit warning from Microsoft.

[Legacy Code]

Microsoft has warned of an Internet Explorer vulnerability involving its Video ActiveX Control that could let an attacker take control of a PC. Microsoft said the vulnerability affects Windows XP and Windows Server 2003.

It offered a workaround to the IE ActiveX hole that it said should also be used for Windows Vista and Windows Server 2008.

Microsoft has warned of a vulnerability in its Video ActiveX Control that affects Windows XP and Windows Server 2003. The software giant said there have been limited attacks exploiting the vulnerability.

The flaw could be exploited by a visit to a malicious Web site and allow an attacker to take control of a PC. Microsoft said it is working on a security update, and meantime advised that users prevent Microsoft Video ActiveX Control from running in Internet Explorer.

The steps to stop the control in IE are a bit complex, but Microsoft offers a "Fix it for me" option at Microsoft Security Advisory: Vulnerability in Microsoft Video ActiveX control could allow remote code execution.

Microsoft also recommends users of Windows Vista and Windows Server 2008 take these steps. The Microsoft Video ActiveX Control connects DirectShow filters for video and is used in Windows Media Center. When the control runs in Internet Explorer, it can corrupt the system so that an attacker can run arbitrary code.

Security vendor Symantec said the vulnerability affects IE6 and IE7, but not IE8.

Source : Microsoft/Windows - Microsoft Working on Patch for IE ActiveX Vulnerability

I thought id post this as most members of the forum Dual boot with older Operating Systems than 7.

 

[holo88]

*gasp* IE has a security hole!? who saw that coming!?

thanks for the heads up. good thing IE is totally dead to me

 

[Firestrider]

I should be good since the source says it does not affect IE8 (which is default in Windows 7)

How serious is this? Most people at work use XP with IE6/7. Even if you use Firefox on XP/Vista without IE8 I would still patch this.

 

[Generator]

Source : Microsoft/Windows - Microsoft Working on Patch for IE ActiveX Vulnerability

I thought id post this as most members of the forum Dual boot with older Operating Systems than 7.

Thanks for the heads-up Legacy, It's good to know some are still keeping an eye out for the other systems with myself being a dual-booter too.

*gasp* IE has a security hole!? who saw that coming!?

thanks for the heads up. good thing IE is totally dead to me

If it's still installed but your just not using it, it could maybe still effect you Holo, just because you don't run it doesn't ensure your safe from all risks lol.. As Firestrider says below you.
Your info could be mis-leading to others that might not use it but say for example, have family members who might click on IE as default.

I should be good since the source says it does not affect IE8 (which is default in Windows 7)

How serious is this? Most people at work use XP with IE6/7. Even if you use Firefox on XP/Vista without IE8 I would still patch this.

I think the severity depends on how trust-worthy the site you visit are, If anything lower than IE8 is installed I'd patch all the same. Best to be safe.

 

[96accord]

Glad I use FireFox

 

[wwoods]

Glad I use FireFox

Yea, good think Firefox has never had any exploits eh ?

 

[holo88]

If it's still installed but your just not using it, it could maybe still effect you Holo, just because you don't run it doesn't ensure your safe from all risks lol.. As Firestrider says below you.
Your info could be mis-leading to others that might not use it but say for example, have family members who might click on IE as default.

well, that's why i have My computer and they have their computer. if they virus up their pc, it's no consequence to me (until i have to fix the damn thing )

+ both have FF (as default) and IE8 on them, so no worries

 

[Adamd]

Yea, good think Firefox has never had any exploits eh ?

Sure it has some, but IE always seems to have some.

 

[manosdoc]

It's a push from Microsoft to dump old IE6 and evaluate as much IE8.

 

[SIW2]

Similar here:

IE users beware: Zero-day attacks hit Microsoft Video ActiveX Control | Zero Day | ZDNet.com

 

[pestbest]

When we still compare how IE6 and improved from IE8, I still have to say IE is doing good. Last time, IE made it too simple to get viruses. At least now, the chances are decreased. I still use Firefox. According to Mozilla, IE users will probably get 285/365 days of viruses and FF only gets around like 18/365.

 

[SoLoR]

EVERY browser, OS or application has security holes. So dont jump the gun, when they are more often discovered in windows/ie then in other os/browsers. If i would create virus, it would most certanly be for more popular OS/browser then for something that maybe 20 or 30% of people are using (generous when it comes to OS). In all honesty, using "more popular" OS/browser just means security holes are found faster and potentialy fixed faster since more people are "working" on them also more media exposed so people get warned. I would bet there is much more "private" exploits there for FF, chrome or OSX then for Win/IE. One day you will visit some wrong site and you can get hacked without even knowing