http://www.theregister.co.uk/2006/09/18/ie_flaw_warnings_grow/
By John Leyden
18th September 2006
Security experts warn a new, unpatched vulnerability in Internet
Explorer might be used to spread malware. A flaw in Microsoft's Direct
Animation Path (daxctle.ocx) ActiveX control, rated as critical by
Secunia and other security watchers, has spawned proof of concept code
but has not yet become the subject of widespread, hostile attack.
Memory corruption is possible even on a fully patched Windows XP
system.
A patch is unlikely until next month's Patch Tuesday update. Microsoft
said it was investigating the problem. Surfers are advised to restrict
which sites they allow to run ActiveX controls or here ActiveX
controls altogether. Tech-savvy IE users might try a workaround from
the SANS Institutes's Internet Storm Centre, as explained here. A
simpler solution, at least until Microsoft releases a patch, might be
to use Firefox, Opera or all any other alternative browser. ®
_________________________________
HITBSecConf2006 - Malaysia
The largest network security event in Asia
32 internationally renowned speakers
7 tracks of hands-on technical training sessions.
Register now: http://conference.hitb.org/hitbsecconf2006kl/
Received on Sep 18 2006
Intro
