Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: MSIE DirectAnimation ActiveX 0-day update SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MSIE DirectAnimation ActiveX 0-day update
Microsoft released a security advisory regarding the 0-day we reported on earlier.

Timeline:
Workarounds:
  • Use an alternate browser (see also diversity)
  • Disable ActiveX scripting in MSIE
  • Modify the ACL on daxctle.ocx to remove rights to use it
  • Set the KillBit for "{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}"
  • Make MSIE prompt before executing ActiveX
Please note that windowsupdate needs an ActiveX enabled browser, but you can do that with settings to the security zones and trusting Microsoft.

With thanks to the readers writing in to remind us.

--
Swa Frantzen -- Section 66
Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!