Microsoft has released a security advisory about a vulnerability in Microsoft Video ActiveX Control which can be exploited remotely in Internet Explorer.
The vulnerability advisory states that Microsoft is aware that attackers are trying to exploit the vulnerability which means that users of the browser may be exposed to attacks when they use it on the Internet.
Internet Explorer users are therefor advised to fix the vulnerability as soon as possible to prevent possible attacks on their computer system.
The security vulnerability affects only Windows XP and Windows Server 2003 systems. Computer systems running Windows Vista, Windows Server 2008 or Windows 7 are not affected because "the ability to pass data to this control within Internet Explorer" is restricted in these operating systems.
A successful attack will give the attacker the same user rights as the currently logged in user. Microsoft has issued a workaround for the Internet Explorer vulnerability that can be applied manually or using Microsoft Fix It.
The fastest way to patch the security vulnerability is to use the Microsoft Fix It script that will perform all the actions of the workaround automatically. The fix will basically remove support for the ActiveX Control in Internet Explorer. This should not have any impact on the web browser's functionality according to Microsoft.
Update: Microsoft has released a security bulletin that addresses the vulnerability. Users who run operating systems affected by it should install the update to protect it from harm.
This can be done by using Windows Update to do so or by downloading the patch files manually from Microsoft instead.
Additional information about the vulnerability, affected operating systems and ways to patch the system are available on the Microsoft Technet website.
As Microsoft stated previously, only CP and Server 2003 and older operating systems are affected by the issue while all newer versions of Windows are not.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.