http://www.theregister.co.uk/2006/09/18/ie_flaw_warnings_grow/ By John Leyden 18th September 2006 Security experts warn a new, unpatched vulnerability in Internet Explorer might be used to spread malware. A flaw in Microsoft's Direct Animation Path (daxctle.ocx) ActiveX control, rated as critical by Secunia and other security watchers, has spawned proof of concept code but has not yet become the subject of widespread, hostile attack. Memory corruption is possible even on a fully patched Windows XP system. A patch is unlikely until next month's Patch Tuesday update. Microsoft said it was investigating the problem. Surfers are advised to restrict which sites they allow to run ActiveX controls or here ActiveX controls altogether. Tech-savvy IE users might try a workaround from the SANS Institutes's Internet Storm Centre, as explained here. A simpler solution, at least until Microsoft releases a patch, might be to use Firefox, Opera or all any other alternative browser. ® _________________________________ HITBSecConf2006 - Malaysia The largest network security event in Asia 32 internationally renowned speakers 7 tracks of hands-on technical training sessions. Register now: http://conference.hitb.org/hitbsecconf2006kl/
This archive was generated by hypermail 2.1.3 : Mon Sep 18 2006 - 22:44:06 PDT