TulipTools Internet Business Owners and Online Sellers Community

Full Version: IE 6/7: Yet another Extremely Critical Unpatched Windows Security Hole
Quote: A vulnerability has been reported in Microsoft XML Core Services, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error in the XMLHTTP 4.0 ActiveX Control.

Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website using Internet Explorer.

NOTE: The vulnerability is already being actively exploited.

full security advisory: http://secunia.com/advisories/22687/

Quote: Microsoft is investigating public reports of a vulnerability in the XMLHTTP 4.0 ActiveX Control, part of Microsoft XML Core Services 4.0 on Windows. We are aware of limited attacks that are attempting to use the reported vulnerability...

Mitigating Factors:
• In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site.
• An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights...

Microsoft security advisory: http://www.microsoft.com/technet/securit...27892.mspx