I’m not trying to sound like a broken record here, but just yesterday Microsoft announced yet another major security issue for windows XP users that have IE7 and IE6. Unlike last week’s vulnerability that only affected the MS direct show plugin, this new issue affects multiple ActiveX controls that could be used to hijack your computer.
Both of these issues only work on older browsers and operating systems. That means that if you are using Windows XP and IE7 or IE6, you are vulnerable to this new attack. The attack works by exploiting an issue with ActiveX plugins that were not designed for Internet Explorer, but can be called upon by visiting a specially crafted website. If you visit one of these sites it can leverage one of the Active X controls to gain control of your system for whatever the attacker wants.
The good news is that you have options to fix this issue. The first option is fairly simple; just upgrade your system to IE8 for free. By doing this, you will not be vulnerable to the attack anymore since it does not affect IE8. The other option is to run a workaround that MS has made available. This method is not a permanent fix, but it will work for now until MS releases a more permanent alternative.
You can download IE8 here: http://www.microsoft.com/windows/internet-explorer/default.aspx
You can download the workaround here: http://support.microsoft.com/kb/972890. To install the workaround, go to this link then click the button that looks like this:
Finally, Microsoft is expected to release a permanent fix for this issue and last weeks issue on July 14th. You should see these fixes come through on your automatic updates.
Until next time, stay safe out there!