Initial Publication Date: Advisory Status: Advisory Severity: Legacy ID
15 Jul 2009 Closed Low
A newly-found vulnerability in Microsoft Video ActiveX Controlcould result in an attacker gaining the same user rights as the local user when Internet Explorer supports this ActiveX control. In a Web-based attack scenario, an attacker could exploit this vulnerability via a properly-constructed Web page.
Blue Coat WebFilter systems have been updated to capture 100% of the known sites exploiting this vulnerability. Real-time detection mechanisms have also been added to WebPulse to automatically recognize and categorize newly-infected sites. A ProxySG policy to block sites categorized by WebFilter as “Spyware/Malware Sources” will protect WebFilter customers against this exploit.
The research staff at the Blue Coat Security Lab has been actively monitoring this exploit and making the necessary adjustments and updates to the WebFilter database and WebPulse infrastructure to protect Blue Coat customers. Multiple lists of infected sites with drive-by scripts to exploit this vulnerability in IE were published last week; however, Blue Coat's proactive research and monitoring of exploit trends via the WebPulse cloud community resulted in a large majority of these sites being categorized by Blue Coat as “Spyware/Malware Sources” before this exploit was even announced by Microsoft or publicized by the media.
July 14, 2009: Microsoft issued an update and public report to address this issue (including an available security update).
Microsoft Security Advisory (9728980): http://www.microsoft.com/technet/security/advisory/972890.mspx
This is machine translated content
Login to Subscribe
Please login to set up your
Would you like to be subscribed to future notifications for this article?
For security reasons, your link to this document has expired. Please click on the attachment link to access this file.
The attachment that you are looking for no longer exists.
There has been an issue retrieving your attachment. Please try again.
Currently server is down.
Didn't find the article you were looking for? Try these resources.