The specific CLSIDs to set the killbit for are: At the moment there is no patch, there is a workaround, and it can be automated for enterprise deployment. Which may tend to indicate it has been used in targeted rather than broad based attacks. Microsoft mentions that they are aware of active exploits against this vulnerability, although we at the SANS Internet Storm Center haven't seen it used or mentioned in public as of yet (this has changed, we are seeing active exploit pages). The CVE entry for the vulnerability is CVE-2009-1136. This vulnerability exists in the ActiveX control used by IE to display Excel spreadsheets. Microsoft has released an advisory related to an Office Web Components ActiveX vulnerability, it is available here. Update1: The vulnerability is being actively exploited on web sites.
0 Comments
Leave a Reply. |