Select Page

There is a new vulnerability out there, and SANS has reported it in the wild.  

We are on the lookout for sites and I will update as we get more information.

For now, here are your references:

Microsoft Security Advisory #927892 “Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution”

Secunia “Microsoft XMLHTTP ActiveX Control Code Execution Vulnerability”

Securiteam “ActiveX – reason of the newest Windows 0-day, again”

CERT advisory.

Alex Eckelberry
(And thanks to Juha-Matti Laurio)