Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Finjan Blocks New Zero-Day Attack on Microsoft Video ActiveX Control

July 2009 by Finjan

Cybercriminals are targeting yet another vulnerability in Microsoft product - the Microsoft Video ActiveX Control. The zero-day vulnerability that was found can be exploited via a malformed Web page.

The attack, that was already spotted in the wild, enables remote code execution (RCE) on the targeted machine. By exploiting this vulnerability cybercriminals are inserting a data-stealing Trojan to the victim’s machine .

Microsoft has just released an Advisory about this vulnerability: http://www.microsoft.com/technet/security/advisory/972890.mspx

Microsoft is currently working to develop a security update for Windows to address this vulnerability.

Web security products utilizing real-time code analysis technologies are the preferred solution to block such 0-day attacks. Yuval Ben-Itzhak, Finjan CTO explains, “Finjan customers are protected from this zero-day attack as Finjan’s Vital Security Web Gateway is able to detect the exploit and block the attack without prior knowledge of the specific technique.”




See previous articles

    

See next articles