HDTV/3D TV News
Cybercriminals are targeting yet another vulnerability in Microsoft product – the Microsoft Video ActiveX Control.
The zero-day vulnerability that was found can be exploited via a malformed Web page.
The attack, that was already spotted in the wild, enables remote code execution (RCE) on the targeted machine.
By exploiting this vulnerability cybercriminals are inserting a data-stealing Trojan to the victim’s machine.
For more information about this zero-day attack and a snapshot of the actual code visit Finjan’s blog at http://www.finjan.com/MCRCblog.aspx?EntryId=2300
Microsoft has just released an Advisory about this vulnerability: http://www.microsoft.com/technet/security/advisory/972890.mspx
Microsoft is currently working to develop a security update for Windows to address this vulnerability.
Web security products utilizing real-time code analysis technologies are the preferred solution to block such 0-day attacks.
Yuval Ben-Itzhak, Finjan CTO explains, “Finjan customers are protected from this zero-day attack as Finjan’s Vital Security Web Gateway is able to detect the exploit and block the attack without prior knowledge of the specific technique.”
Comments (0)
