Microsoft warns world of critical security flaw

By Justin Mann on July 6, 2009, 5:30 PM
Users of Internet Explorer, Windows XP or Windows Server 2003 will want to be aware of a recent warning that Microsoft published. Starting today, the company began notifying the world that anyone using a combination of IE and the mentioned operating systems is at risk of having a recently-published ActiveX flaw exploited. In order for users to protect themselves, Microsoft is advising its customers to disable the ActiveX component that is to blame, going so far as to offering steps and one-click solutions on accomplishing just that.

The fact that Microsoft has published a security article along with a workaround so quickly indicates they are classifying this threat as very severe. Normally, even for dangerous flaws Microsoft opts to wait until Patch Tuesday before addressing any known security issues. Here, they are offering workarounds while a patch is created. Given the serious nature of the flaw, they will likely release a patch in the upcoming patch cycle.




User Comments: 13

Got something to say? Post a comment
Guest said:

It's rather amusing seeing this story follow the last one.

snowchick7669 snowchick7669 said:

Weren't they just trying to sell sell sell IE.

Poor Microsoft

tengeta tengeta said:

Do people seriously use web browsers on servers?

Darth Shiv Darth Shiv said:

Tengeta, it also applies to WinXP. There may be a few people in that category.

It is funny how ActiveX is still a security nightmare all these years after it was released. I just can't believe someone thought it was a good idea.

Guest said:

this is my favorite part....when we are all cut at the knees for some major corporation that has basically a legal monopoly on this world. security issue? wtf? how can this happen? are they not the richest company? can't they employ the smartest people to "predict" this? wow..,.

Guest said:

deactivate ActiveX Video Control until thats nice of them not to tell u how to do it also

JudaZ said:

They do tell you how to do it...

and its after all old sotware having problem, not new. XP is getting really old... 2003 Server ... how many browse and watch video on that?

Guest said:

Quite a few people still use and praise xp over that junk Vista.

Guest said:

FireFox FTW!!!!!!!

Aolish Aolish said:

will they finally make IE as a SEPARATE application instead of integrating it with there os? will they ever learn?

bedouinrising said:

aolish - they did that for win 7

strategic strategic, TechSpot Paladin, said:

Beleive it or not... Server software needs updates too...

Staff
Rick Rick, TechSpot Staff, said:

Do people seriously use web browsers on servers?

That is a bad question for two reasons.

  1. Primarily because it ignores the other 98% of computers that are *not* running Windows server...
  2. ... But also because an activex exploit can be delivered in other ways. Sure, the primary attack vector is IE, but since IE is used in many parts of the system to render certain software interfaces, for installers, for help files etc.. It's theoretically dangerous whether or not you browse the web with IE.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.