Poll: Like Our New Look?
Do you like our new look & feel?
All polls
Home | Technology-News | Windows users hit by zero-day flaw

Windows users hit by zero-day flaw

06 November, 2006 12:00:00
Font size: Decrease font Enlarge font

Microsoft is warning against a new exploit in all Windows versions except Windows 2003 that is actively being exploited by attackers.

The flaw affects a part of the Microsoft XML Core Services 4.0 that is referred to as the XMLHTTP 4.0 ActiveX Control. The Core Service technology provides interoperability between applications that are based on the XML 1.0 standard and Microsoft's Jscript, VBScript and Visual Studio 6.0 programming environments.

The flaw allows attackers to take over control of a system. They could exploit the flaw by luring their victims to a specially crafted website or a page on a social service like Myspace. They could exploit the vulnerability through specially crafted advertisements that are placed on third party websites.

Microsoft warned that the company is aware of "limited attacks" exploiting the flaw.

Security website Secunia rated the bug as " extremely critical", its most severe rating.

read more here


Comments (0 posted):

Post your comment comment

Please enter the code you see in the image:

  • email Email to a friend
  • print Print version
Tags
No tags for this article
Rate this article
0