Next On Miss Popularity: The Flawed ActiveX Control
Users will be in for a real headache if hackers are able to successfully exploit an arbitrary file overwrite/delete vulnerability allowing them to remotely execute arbitrary code.
October 25, 2007
The company states that around 40 issues involving this type of vulnerability have been discovered since May 2007. Furthermore, it appears that these types of vulnerabilities are growing.
The list of products most-likely to be affected by this flaw includes VMware, Microsoft Visual Studio, NCTSoft, and HP Photo Digital Imaging.
Besides having the “delete” option available, the attackers can also create or append to arbitrary files. For instance, the attacker might schedule the execution of arbitrary code during the next reboot or logon session and the user won't be able to do anything to prevent this, given the fact that the object is within a signed ActiveX control.
Users are advised to avoid visiting unknown sites (the exploitation requires a visit on a malicious web page) and to deny all requests of loading un-trusted ActiveX controls.