Technology news and Jobs 
Information Technology News Microsoft admits Windows XP is under attack!
Information Technology News Microsoft admits Windows XP is under attack! | Microsoft admits Windows XP is under attack! |
|
| by Davey Winder | |
| Tuesday, 07 July 2009 | |
  
With the Russian government gunning for Microsoft because of it, and cash machines using it revealed to be stealing PIN codes, things couldn't get much worse for Windows XP right now could they? Featured Whitepaper
5 Best Practices for Smartphone Support
Microsoft, which admits to being "aware of attacks attempting to exploit the vulnerability" says that an attacker who is successful in exploiting the vulnerability could gain the same user rights as the local user. When you combine Windows XP (and Windows Server 2003 for that matter) with Internet Explorer 6 or 7 (although security analysts suggest that IE 8 is OK) that code execution becomes remote and does not require any user intervention. Although Microsoft does say that there are "no by-design uses for this ActiveX Control in Internet Explorer which includes all of the Class Identifiers within the msvidctl.dll that hosts this ActiveX Control" it is recommending removing support for this ActiveX Control within Internet Explorer. Indeed, it is even recommending that Windows Vista and Windows Server 2008 customers remove support as well, even though there is no evidence to suggest they are impacted by the vulnerability, as a defense-in-depth measure. Microsoft is working on a security update to address the vulnerability, but in the meantime, instructions to remove support can be found in Knowledge Base Article 972890. |
Tags
| < Next story in category | Previous story in the category > |
|---|
