Stephen Withers
Tuesday, 14 July 2009 06:52
According to Sophos, websites hosting exploits for this vulnerability are mainly located in China.
"Given the popularity of the software affected, the severity, and the lack of a patch, SophosLabs has assigned this vulnerability a rating of Critical," company officials said.
Security software vendors are addressing the issue. For example, Check Point says it has already updated its Endpoint Security and ZoneAlarm products, while Sophos is "in the process of collecting all known samples and publishing detection for them," according to the company's most recent blog posting.
Another ActiveX control is due to be fixed by Microsoft this week.
A vulnerability in the MPEG2TuneRequest ActiveX Control Object is reportedly being exploited via thousands of compromised web sites in China and other parts of Asia.
Both of these ActiveX flaws could be exploited in a "'browse and get owned' scenario," according to Microsoft security officials.
Also expected in this month's Patch Tuesday updates are fixes for the DirectShow vulnerability, a flaw affecting all currently supported versions of Windows, and flaws in Publisher, ISA Server, Virtual PC and Virtual Server.
It would be unusual if Microsoft was able to complete its testing of a patch for the Office Web Components issue in time to release an update alongside these fixes.