Security Vulnerability Research & Defense

Browse by Tags

All Tags » activex » Kill-Bit » clsid (RSS)

Tuesday, August 12, 2008 11:30 AM

MS08-041 : The Microsoft Access Snapshot Viewer ActiveX control

MS08-041 fixes a vulnerability in the Microsoft Access Snapshot Viewer ActiveX control. It’s an interesting vulnerability so we wanted to go into more detail about platforms at reduced risk and also more about the servicing strategy for this vulnerability.

Posted by swiblog | (Comments Off)

Filed under: Attack, classid, IE, Internet Explorer, Mitigations, timing attack, Workarounds, killbit, Kill-Bit, clsid, activex, phoenix bit

Thursday, June 05, 2008 10:00 AM

Why there won't be a security update for WkImgSrv.dll

Recently, there was a public post in milw0rm ( http://www.milw0rm.com/exploits/5530 ), talking about an issue in the ActiveX control of Microsoft Works 7 WkImgSrv.dll. The PoC claims that it would achieve remote code execution. McAfee Avert Labs Blog

Posted by swiblog | (Comments Off)

Filed under: attack vector, Mitigations, Kill-Bit, clsid, activex

Security Vulnerability Research & Defense

This Blog

Syndication

Search

News

Blogroll

Report a Vulnerability to Microsoft

Tags

Recent Posts

Archives

Browse by Tags

MS08-041 : The Microsoft Access Snapshot Viewer ActiveX control

Why there won't be a security update for WkImgSrv.dll