Regresar al Archivo de Noticias

Bug in ActiveX Allows Attacks on Users Again

July 17, 2009  Malware News

Computer security experts have pointed out a second critical bug occurring on the heels of another recent attack. The main target group of this bug are users of MS Office, specifically, versions of Office XP and Office 2003. The bug also concerns users of ISA Server 2004 or 2006. The bug of so called "zero day" type is connected with the Office Web Component that serves for working with documents in a web environment. This way, the attackers smuggle a harmful file that attacks users when it’s displayed in Internet Explorer. The bug may also abuse by running a code remotely. The best way to protect yourself is to ban the ActiveX component. You can find the instructions on how to do this on the Microsoft website. Users of higher versions of MS Office or other web browsers should not be affected by this bug at all.

Regresar al Archivo de Noticias