Posted by Alvaro, July 10, 2009

Microsoft has publicly announced two new vulnerabilities in Internet Explorer:  


 

1. Users get infected on clicking a link to a video

This vulnerability affects the Windows XP and Windows Server 2003 operating systems.

Workaround published by Microsoft

 

 

2. Exploit that causes a memory overflow

This exploit takes advantage of an MPEG2TuneRequest stack overflow vulnerability in the msvidctl.dll library. Upon successful exploitation, an attacker could take full control of the compromised system.

You can find information about this second vulnerability at http://www.microsoft.com/technet/security/advisory/971778.mspx

Microsoft has not publicly acknowledged this vulnerability yet, and so it hasn’t published any official solution.

 

So far, there is only the possibility of setting a kill bit for the vulnerable control. You can do so by saving this file with the extension .reg and running it as administrator:

Windows Registry Editor Version 5.00

; 0x400 is the kill bit: Internet Explorer will refuse to instantiate this CLSID
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
"Compatibility Flags"=dword:00000400
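
To confirm the kill bit took effect after importing the file, the following added example (not part of the original post) reads the Compatibility Flags value for the CLSID above and tests the 0x400 bit. It goes slightly beyond the post by also checking the 32-bit registry view on 64-bit Windows, which is the view a 32-bit Internet Explorer process reads. The function name Test-KillBit is hypothetical, and PowerShell 3.0 or later (.NET 4) is assumed.

```powershell
# Added example: verify that the kill bit from the .reg file is in place.
$clsid   = '{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}'   # CLSID from the post
$subKey  = "SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
$killBit = 0x400                                       # flag value from the post

function Test-KillBit {                                # hypothetical helper name
    param([Microsoft.Win32.RegistryView]$View)

    # Open HKLM in an explicit view so WOW64 redirection cannot hide a gap.
    $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
        [Microsoft.Win32.RegistryHive]::LocalMachine, $View)
    try {
        $key = $base.OpenSubKey($subKey)
        if ($null -eq $key) { return 'MISSING (key not present)' }
        try {
            $flags = $key.GetValue('Compatibility Flags')
            if ($null -eq $flags) { return 'MISSING (no Compatibility Flags value)' }
            # A string or binary value with the right name does not set the kill bit.
            $kind = $key.GetValueKind('Compatibility Flags')
            if ($kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
                return "WRONG TYPE ($kind, expected DWord)"
            }
            if (($flags -band $killBit) -eq $killBit) { return 'SET' }
            return ('NOT SET (flags = 0x{0:X8})' -f $flags)
        } finally { $key.Close() }
    } finally { $base.Close() }
}

# 32-bit Internet Explorer reads the 32-bit view (Wow6432Node on 64-bit Windows);
# a .reg file imported with the 64-bit regedit only writes the 64-bit view.
$views = @([Microsoft.Win32.RegistryView]::Registry32)
if ([Environment]::Is64BitOperatingSystem) {
    $views += [Microsoft.Win32.RegistryView]::Registry64
}

foreach ($v in $views) {
    '{0,-10} {1}' -f $v, (Test-KillBit -View $v)
}
```

Any view that does not report SET still allows the control to load in the matching Internet Explorer process.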

There is no information about the operating system versions affected by this exploit.

The following video explains how TruPrevent Technologies protect against this type of attack.

 

Sean-Paul Correll from Panda Security

Proactive protection against the msvidctl.dll ActiveX control vulnerability from Panda Security on Vimeo.

All our clients with Retail and/or Corporate products with TruPrevent Technologies enabled are protected against this exploit.

Remember: the PandaLabs blog has everything you need to know about Internet threats.