Friday, September 29, 2006

Windows WebViewFolderIcon ActiveX vulnerability..

Microsoft Security Bulletin have notified of vulnerability in Windows WebViewFolderIcon ActiveX control which contains an integer overflow vulnerability that could allow a remote attacker to execute arbitrary code.

Systems affected: Windows / Internet Explorer

Microsoft has not released any patch to mitigate the vulnerability. However, as a precautionary measure it is recommended not to open any unsolicited URLs, including those received in email, instant messages, web forums, or internet relay chat (IRC) channels and also do not Open Attachments in the mail from unknown Mail addresses.