OWC ActiveX exploits starting to increase
A few days ago Microsoft released a security advisory (973472) for a vulnerability in Microsoft Office Web Components (OWC). This is being actively exploited. Proof of concept code is here and there is at least one Metasploit module for this. We'll only be seeing an increase in exploit attempts so until a patch is released, you should start implementing workarounds.
Some things you can do to protect yourself:
Microsoft SRD blog has more info.
Some things you can do to protect yourself:
- Set killbits {0002E541-0000-0000-C000-000000000046} and {0002E559-0000-0000-C000-000000000046} per the Microsoft advisory. Thankfully, Microsoft has a slick fix it package here from KB973472.
- Block known bad domains such as f1y.in (see SANS ISC post)
- Keep your Antivirus updated!!
- Use the Noscript plugin for Firefox
- Don't use Internet Explorer until a patch is released
Microsoft SRD blog has more info.
posted by Network Sentry at
9:42 AM
0 Comments:
Post a Comment
Links to this post:
Create a Link
<< Home