Windows ActiveX Flaw Still Active After Patch 1/24/2005 - 967 views,
|
Previous Article « New Worm Targets Windows and MSN Messengers
Read Next Article » Breaking News: Virus Masquerades as CNN Headlines
However, today the anti-virus experts at GeCad Net are reporting that the patch distributed by Microsoft does not fully fix the flaw (and try saying that three times fast!) According to the Romanian-based GeCad Net, which sold their anti-virus software business to Microsoft a few years ago, the patch leaves unfixed at least one weakness which could be an avenue of attack on the HTML Help ActiveX control. GeCad Net also said that “the potential for attack is opened up if a computer is updated with Microsoft’s Windows XP Service Pack 1 or Windows 2000 Service Pack 4, along with the most recent security patches”, but added that the problem can be prevented by updating with Windows XP Service Pack 2. A spokesperson for Microsoft said that they were already working to fix the problem discovered by GeCad Net, and added that “Microsoft issued an update to address a vulnerability in the HTML help control in Windows, and this update does protect against the publicly reported vulnerability.”
A couple of weeks ago, Aunty reported to you that Microsoft had announced a patch for their ActiveX security flaw.
|
|
Email the link for this page to a friend! |
Read more:
» Microsoft Announces Patch for “Help Flaw” Security Hole
» New Critical Internet Explorer (IE) Flaw Involves Msdds.dll
» Firefox Flaw Found and Fixed (Get the Patch)
For additional similar stories check out our archives on Security, Windows
