Zero-day attacks target Microsoft Visual Studio

By Bill Brenner, Senior News Writer 01 Nov 2006 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Attackers are actively exploiting a new zero-day flaw in Microsoft Visual Studio 2005, and the software giant has released a set of workarounds IT administrators can use to blunt the threat.

In the advisory posted on the company's TechNet Web site, Microsoft said it's investigating reports of a vulnerability in an ActiveX control that's part of Visual Studio 2005 on Windows. Attackers could exploit the flaw to run malicious code on targeted machines.

Zero-day attacks: AV upstarts tout need for speed in zero-day fight Microsoft Excel zero-day flaw discovered Zero-day flaws target 'safe' programs New Microsoft Word zero-day exploit discovered

"We are aware of proof-of-concept code published publicly and of the possibility of limited attacks that are attempting to use the reported vulnerability," Microsoft said. "Customers would need to visit an attacker's Web site to be at risk."

When the investigation is completed, Microsoft said it will take the appropriate action to help protect customers. "A security update will be released through our monthly release process or an out-of-cycle security update will be provided, depending on customer needs," the company said.

In its advisory on the threat, Danish vulnerability clearinghouse Secunia said the problem is an unspecified error in the WMI Object Broker ActiveX Control (WmiScriptUtils.dll).

Podcast: What is a zero-day exploit?

"Successful exploitation allows execution of arbitrary code when a user visits a malicious Web site using Internet Explorer," Secunia said. "The vulnerability is already being actively exploited."

The firm rated the flaw "extremely critical," its highest threat level. The rating is designated for remotely exploitable vulnerabilities that can lead to a full system compromise.

To blunt the threat, Microsoft recommends IT administrators take the following actions:

• Prevent the WMI scripting control from running in Internet Explorer.
• Configure Internet Explorer to prompt before running active scripting or disable Active scripting in the Internet and Local intranet security zone.
• Set Internet and Local intranet security zone settings to "high" to prompt before running ActiveX controls and active scripting in these zones.

Tags: Emerging Information Security Threats,  Web Browser Security,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Emerging Information Security Threats Antispyware buying guide for Indian enterprises ATM malware lets attackers take over machines FTC shutters rogue ISP for hosting malicious content, botnets The failing war against cybercriminals White House cybersecurity czar faces major hurdles Cybercrime and threat management The Pipe Dream of No More Free Bugs Face-off: Who should be in charge of cybersecurity? Federal efforts to secure cyberinfrastrucure Adobe working on patch to correct new zero-day flaw Web Browser Security Security researchers develop browser-based darknet Microsoft cracks down on click fraud ring Mozilla patches 11 Firefox security flaws, JavaScript errors Microsoft patches WebDAV security vulnerability in bevy of updates IT pros can detect, prevent website vulnerabilities, thwart attacks Stolen FTP credentials likely in massive website attacks Trust eroding as social engineering attacks climb in 2009, says Kaspersky expert US-CERT warns of Gumblar, Martuz drive-by exploits Google study backs browser silent auto update feature Firefox update addresses several security flaws Web Browser Security Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary DNS rebinding attack  (SearchSecurity.com) drive-by pharming  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) man in the browser  (SearchSecurity.com) phlashing  (SearchSecurity.com) polymorphic malware  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary