Jump to content
xisto Community
sujith

Microsoft Xmlhttp Activex Control Code Execution Vulnerability Extremely critical

Recommended Posts

Another vulnerability to XP has been found by Security research firm Secunia.

 

Description:

A vulnerability has been reported in Microsoft XML Core Services, which can be exploited by malicious people to compromise a users system.

 

The vulnerability is caused due to an unspecified error in the XMLHTTP 4.0 ActiveX Control.

 

Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website using Internet Explorer.

 

NOTE: The vulnerability is already being actively exploited.

Solution:

Microsoft has recommended various workarounds including setting the kill-bit for the affected ActiveX control

 

More Information on this

http://secunia.com/advisories/22687/

Edited by knight17 (see edit history)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.