Microsoft warns world of critical security flaw

Status
Not open for further replies.

Justin

Posts: 914   +0

Users of Internet Explorer, Windows XP or Windows Server 2003 will want to be aware of a recent warning that Microsoft published. Starting today, the company began notifying the world that anyone using a combination of IE and the mentioned operating systems is at risk of having a recently-published ActiveX flaw exploited. In order for users to protect themselves, Microsoft is advising its customers to disable the ActiveX component that is to blame, going so far as to offering steps and one-click solutions on accomplishing just that.

The fact that Microsoft has published a security article along with a workaround so quickly indicates they are classifying this threat as very severe. Normally, even for dangerous flaws Microsoft opts to wait until Patch Tuesday before addressing any known security issues. Here, they are offering workarounds while a patch is created. Given the serious nature of the flaw, they will likely release a patch in the upcoming patch cycle.

Permalink to story.

 
Tengeta, it also applies to WinXP. There may be a few people in that category.

It is funny how ActiveX is still a security nightmare all these years after it was released. I just can't believe someone thought it was a good idea.
 
this is my favorite part....when we are all cut at the knees for some major corporation that has basically a legal monopoly on this world. security issue? wtf? how can this happen? are they not the richest company? can't they employ the smartest people to "predict" this? wow..,.
 
deactivate ActiveX Video Control until thats nice of them not to tell u how to do it also
 
They do tell you how to do it...

and its after all old sotware having problem, not new. XP is getting really old... 2003 Server ... how many browse and watch video on that?
 
Quite a few people still use and praise xp over that junk Vista.
 
will they finally make IE as a SEPARATE application instead of integrating it with there os? will they ever learn?
 
Do people seriously use web browsers on servers?
That is a bad question for two reasons.

  1. Primarily because it ignores the other 98% of computers that are *not* running Windows server...
  2. ... But also because an activex exploit can be delivered in other ways. Sure, the primary attack vector is IE, but since IE is used in many parts of the system to render certain software interfaces, for installers, for help files etc.. It's theoretically dangerous whether or not you browse the web with IE.
 
Status
Not open for further replies.
Back