July 14, Microsoft issued a warning in Monday that the attackers were exploiting a serious ActiveX security vulnerability in Microsoft Office software to control users ' PCs by luring IE users to visit malicious websites. This is Microsoft in less than two months time announced the third 0 attack security vulnerabilities. This security vulnerability exists in the Office's Web Component ActiveX control. This control is used to display and publish forms, charts, and databases to the Web. This vulnerability affects software such as Office XP, Office 2003, Internet Security and Accelerator Server 2004 and 2006, and Office Sgt Business Accounting 2006. Security experts detail the manual approach to bypassing this security vulnerability. Users can also use Microsoft's Fix-it tool to automate the process of bypassing this security vulnerability. Microsoft said it was developing a security patch to fix the security breach. Antivirus software company Sophos says it has received many reports that some websites, mainly in China, offer this tool to exploit cyber security vulnerabilities. This tool downloads and runs a Windows executable file with the file name "Mal/generic-a" checked. Author: Tianhong
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
