Thread: Microsoft Security Advisory (972890)
View Single Post
  #3 (permalink)  
Old 07-10-2009, 12:10 AM
PA Bear [MS MVP]
Newsgroup Contributor
  
Posts: n/a
Re: Microsoft Security Advisory (972890)
Please see http://support.microsoft.com/kb/972890

NB: MS CSS tells me that the FixIt is for Vista and Windows 2008, as well,
and recommends those running those OSS use it, too (despite what
http://www.microsoft.com/technet/sec...ry/972890.mspx may say about
those OSS).

PS: It's a Windows vulnerability which involves IE.

More about this here:
http://blogs.technet.com/msrc/archiv...ry-972890.aspx
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002


MaryBeth wrote:
> Has anyone applied the changes to Internet Explorer 7.0.5730.13IC as
> advised
> in this alert? It appears someone has managed to exploit a vulnerability
> in
> Microsoft Video ActiveX Control. Though the advisory states it is not
> necessary for the operation of IE 7 & below, some websites especially game
> sites rely on it. The file msvidctl.dll is the target of the attack. The
> workaround suggests disabling all DirectX scripting within IE 7 until a
> patch is developed. Would it be OK to enable DirectX scripting while in a
> gamesite and then disabling it when on the web?
> Thanks -- MaryBeth

Reply With Quote

 
Old 07-10-2009, 12:10 AM