You are here: silicon.com > Software > Security Strategy

Security Strategy

Critical ActiveX Office hole under attack, warns Microsoft

Where's IE taking you?

Tags: office, microsoft

Printer Friendly Email Story RSS

By Elinor Mills

Published: 14 July 2009 10:48 GMT

Attackers are exploiting a new critical ActiveX hole in Microsoft Office to take control of PCs by luring Internet Explorer users to malicious websites, Microsoft said on Monday.

The zero-day hole, the third one announced by Microsoft in less than two months, is in Office Web Components ActiveX controls used to display and publish spreadsheets, charts and databases to the web.

It affects Office XP, Office 2003, Internet Security and Acceleration Server 2004 and 2006, as well as Office Small Business Accounting 2006.

The security advisory details a manual workaround, or people can use Microsoft's Fix-It tool to implement the workaround automatically.

Microsoft said it was working on a security update to patch the hole.

Antivirus vendor Sophos, meanwhile, said in a blog posting on its site that it had received reports of several websites, mostly in China, serving the exploit as part of a web exploit kit that downloads and runs a Windows Executable detected as "Mal/Generic-A".

Original article: Microsoft warns of attacks on new ActiveX hole from CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

Microsoft plugs Windows, Word and Excel holes

Adobe patches hole after exploits found in the wild

Microsoft patches critical Exchange, IE holes

Microsoft: IE at risk from security hole

Microsoft Office, Windows get critical flaw fixes in latest patch batch

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business

Tim Ferguson Exclusive: Former MySQL boss Marten Mickos talks open source Why Microsoft could become one of the "biggest friends of open source" and why Oracle getting its hands on MySQL could be "one of the biggest open source coups ever"...

UK ID cards rollout hit by delay as launch date revealed

Bletchley Park's World War Two codebreakers in their own words

'You're responsible for your own wi-fi security' say ISPs

'UK must up privacy safeguards following Phorm'

The top 10 technologies you need to plan for next year


  • Jobs
BA/PM

Assist the business in decision making on errors, issues etc and create sound workaround procedures where necessary taking into consideration risk, ...

Business Evangelist for International Management Consultancy. SME sector

By and large, the wealthier European countries have greater-than-average sized SMEs, probably reflecting their ability to exploit economies of scale ...

2nd Line Technical Support

2nd Line Technical Support Analyst with extended knowledge of Microsoft client operating systems (98, NT, 2000, XP) and computer hardware and ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

The Truth About Wasteful Spending on Software: How to Stop Giving Your Software Vendors...

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


Second iPhone worm: A botnet risk

Outsourcing: CIOs' tips on getting it right

Recession hitting low paid IT jobs

Pay for IT chiefs weathers the storm

Illegal downloaders crackdown: Digital Economy Bill to cut them off

Salesforce.com makes more friends in the cloud




Quick Sitemap Links: