Exploit released for unpatched ActiveX flaw

Exploit released for unpatched ActiveX flaw

"Code for exploiting a vulnerability in Microsoft's scripting control for
handling multimedia animation in Web pages was released on Thursday, the
software giant warned in an advisory.

The latest exploit code improves upon a previous exploit for the flaw
released at the end of August, which only reliably crashed vulnerable
systems. The exploit uses an ActiveX vulnerability in Microsoft's
DirectAnimation functionality to run code with the user's rights. In its
advisory posted on Thursday, Microsoft said it was investigating the
issue."

http://www.securityfocus.com/brief/304?ref=rss

Imhotep