Support Content Notification - Support Portal

SA31 : Microsoft Video ActiveX Control

Product/Component

Notification Id

1178

Last Updated

03 March 2020

Initial Publication Date

15 July 2009

Status

CLOSED

Severity

LOW

CVSS Base Score

WorkAround

Affected CVE

SUMMARY

A newly-found vulnerability in Microsoft Video ActiveX Controlcould result in an attacker gaining the same user rights as the local user when Internet Explorer supports this ActiveX control. In a Web-based attack scenario, an attacker could exploit this vulnerability via a properly-constructed Web page.

AFFECTED PRODUCTS

Blue Coat WebFilter systems have been updated to capture 100% of the known sites exploiting this vulnerability. Real-time detection mechanisms have also been added to WebPulse to automatically recognize and categorize newly-infected sites. A ProxySG policy to block sites categorized by WebFilter as “Spyware/Malware Sources” will protect WebFilter customers against this exploit.

The research staff at the Blue Coat Security Lab has been actively monitoring this exploit and making the necessary adjustments and updates to the WebFilter database and WebPulse infrastructure to protect Blue Coat customers. Multiple lists of infected sites with drive-by scripts to exploit this vulnerability in IE were published last week; however, Blue Coat's proactive research and monitoring of exploit trends via the WebPulse cloud community resulted in a large majority of these sites being categorized by Blue Coat as “Spyware/Malware Sources” before this exploit was even announced by Microsoft or publicized by the media.

July 14, 2009: Microsoft issued an update and public report to address this issue (including an available security update).

REFERENCES

Microsoft Security Advisory (9728980): http://www.microsoft.com/technet/security/advisory/972890.mspx