Posted by Alvaro, July 10, 2009
Microsoft has publicly announced two new vulnerabilities in Internet Explorer:
1 .Users get infected on clicking a link to a video
This vulnerability affects the Windows XP and Windows Server 2003 operating systems.
Workaround published by Microsoft
2. Exploit that causes a memory overflow
This exploit takes advantage of a Mpeg2tunerequest stack overflow vulnerability in the msvidctl.dll library. Upon exploitation, an attacker could gain the ability to take full control of a compromised system.
You can find information about this second vulnerability at http://www.microsoft.com/technet/security/advisory/971778.mspx
Microsoft has not publicly acknowledged this vulnerability yet, and so it hasn’t published any official solution.
So far, there is only the possibility of setting a kill bit for the vulnerable control. You can do so by saving this file with the extension .reg and running it as administrator:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}] “Compatibility Flags”=dword:00000400
There is no information about the operating system versions affected by this exploit.
The following video explains how TruPrevent Technologies protect against this type of attack.
Sean-Paul Correll from Panda Security
Proactive protection against the msvidctl.dll ActiveX control vulnerability from Panda Security on Vimeo.
All our clients with Retail and/or Corporate products with TruPrevent Technologies enabled are protected against this exploit.
Remember PandaLabs blog, everything you need to know about Internet threats.