Article

Zero-day attacks target Microsoft Visual Studio

Bill Brenner

Attackers are actively exploiting a new zero-day flaw in Microsoft Visual Studio 2005, and the software giant has released a set of workarounds IT administrators can use to blunt the threat.

In the advisory posted on

    Requires Free Membership to View

the company's TechNet Web site, Microsoft said it's investigating reports of a vulnerability in an ActiveX control that's part of Visual Studio 2005 on Windows. Attackers could exploit the flaw to run malicious code on targeted machines.

Zero-day attacks:
AV upstarts tout need for speed in zero-day fight

Microsoft Excel zero-day flaw discovered

Zero-day flaws target 'safe' programs

New Microsoft Word zero-day exploit discovered

"We are aware of proof-of-concept code published publicly and of the possibility of limited attacks that are attempting to use the reported vulnerability," Microsoft said. "Customers would need to visit an attacker's Web site to be at risk."

When the investigation is completed, Microsoft said it will take the appropriate action to help protect customers. "A security update will be released through our monthly release process or an out-of-cycle security update will be provided, depending on customer needs," the company said.

In its advisory on the threat, Danish vulnerability clearinghouse Secunia said the problem is an unspecified error in the WMI Object Broker ActiveX Control (WmiScriptUtils.dll).

Podcast:
What is a zero-day exploit?

"Successful exploitation allows execution of arbitrary code when a user visits a malicious Web site using Internet Explorer," Secunia said. "The vulnerability is already being actively exploited."

The firm rated the flaw "extremely critical," its highest threat level. The rating is designated for remotely exploitable vulnerabilities that can lead to a full system compromise.

To blunt the threat, Microsoft recommends IT administrators take the following actions:

  • Prevent the WMI scripting control from running in Internet Explorer.
  • Configure Internet Explorer to prompt before running active scripting or disable Active scripting in the Internet and Local intranet security zone.
  • Set Internet and Local intranet security zone settings to "high" to prompt before running ActiveX controls and active scripting in these zones.

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: