Tweet
by Terrence O'Brien — Jul 7th 2009 at 12:54PM
You know things are bad when Microsoft is trying to draw attention to its latest security flaw. A new vulnerability is affecting Internet Explorer users who are running Windows XP or Windows Server 2003 (do the latter even exist anymore?), allowing hackers to take control of victims' PCs remotely.
The risk of infection and hijacking is very serious since a user simply has to visit a Web site to fall prey to it. Criminals have been exploiting the security hole for about a week, primarily through links included in spam. Microsoft is working on the problem, but since the flaw was just recently discovered it may be a little while before it figures out how to plug the hole without breaking other features. Of course, we know from experience that Microsoft likes to take its sweet time with these things.
The flaw lies in how Internet Explorer and its notorious ActiveX controls handle video playback. Microsoft is encouraging users to disable the vulnerable ActiveX controls -- even in versions of Windows not known to be affected by the security problem -- until it can release an emergency patch later this month.
Microsoft has instructions for how to disable the feature manually, but unless you're comfortable digging around the registry (and have a whole lot of free time on your hands), we suggest using Microsoft's automated work-around. Simply click the 'Fix This Problem' button on this page to automatically turn off video ActiveX controls.
Another way to avoid this problem is to simply use an alternative browser like the newly released Firefox 3.5 or Chrome -- neither of which use ActiveX controls. [From: Associated Press and Microsoft]
Serious Internet Explorer Flaw Leaves Windows Users Vulnerable
You know things are bad when Microsoft is trying to draw attention to its latest security flaw. A new vulnerability is affecting Internet Explorer users who are running Windows XP or Windows Server 2003 (do the latter even exist anymore?), allowing hackers to take control of victims' PCs remotely.
The risk of infection and hijacking is very serious since a user simply has to visit a Web site to fall prey to it. Criminals have been exploiting the security hole for about a week, primarily through links included in spam. Microsoft is working on the problem, but since the flaw was just recently discovered it may be a little while before it figures out how to plug the hole without breaking other features. Of course, we know from experience that Microsoft likes to take its sweet time with these things.
The flaw lies in how Internet Explorer and its notorious ActiveX controls handle video playback. Microsoft is encouraging users to disable the vulnerable ActiveX controls -- even in versions of Windows not known to be affected by the security problem -- until it can release an emergency patch later this month.
Microsoft has instructions for how to disable the feature manually, but unless you're comfortable digging around the registry (and have a whole lot of free time on your hands), we suggest using Microsoft's automated work-around. Simply click the 'Fix This Problem' button on this page to automatically turn off video ActiveX controls.
Another way to avoid this problem is to simply use an alternative browser like the newly released Firefox 3.5 or Chrome -- neither of which use ActiveX controls. [From: Associated Press and Microsoft]
Serious Internet Explorer Flaw Leaves Windows Users Vulnerable