Update: On September 30, 2006, Symantec Security Response received reports that the WebViewFolderIcon ActiveX control vulnerability is being actively exploited in the wild.
Shortly following the out-of-band patch for the VML vulnerability earlier this week, Microsoft is releasing yet another out-of-band advisory. The latest advisory, released today (September 29, 2006), addresses an ActiveX vulnerability in Microsoft Windows.
The vulnerability is a buffer overflow in the Microsoft WebViewFolderIcon ActiveX control, which ships with Windows. If successfully exploited, it allows an attacker to execute arbitrary code on the victim machine in the context of the user whose browser loaded the control; failed attempts would likely result in browser crashes. Proof-of-concept exploit code is publicly available.
In order to carry out an attack, the attacker would need to employ some form of social engineering (such as emails, instant messages, or banner ads) and try to convince potential victims to click on...
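Because the attack depends on the victim's browser instantiating the vulnerable control from a web page, the standard defensive check while waiting for a patch is whether Internet Explorer's "kill bit" is set for that control's CLSID. The script below is an added example, not code from Symantec or Microsoft; it assumes the CLSID {844F4806-E8A8-11d2-9652-00C04FC30871} for WebViewFolderIcon, which this post does not name, so confirm it against the vendor advisory before relying on it. The function names (Test-ActiveXKillBit, Set-ActiveXKillBit, Test-ActiveXRegistered) are illustrative.

```powershell
# Added example (not from the original post): check for, and if necessary set,
# the Internet Explorer kill bit for an ActiveX control so that IE refuses to
# instantiate it from a web page. This does not patch the control; it only
# removes the browser as a delivery vector until the fix is applied.
#
# ASSUMPTION: the CLSID below is assumed to be the WebViewFolderIcon control's
# CLSID; the post does not give it, so verify it against the vendor advisory.
$WebViewFolderIconClsid = '{844F4806-E8A8-11d2-9652-00C04FC30871}'

# The kill bit is bit 0x400 of the "Compatibility Flags" DWORD under this key.
$KillBitFlag = 0x400
$CompatRoot  = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'

# Returns $true only if the control's key exists and the kill bit is set in it.
function Test-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    $key = Join-Path $CompatRoot $Clsid
    if (-not (Test-Path $key)) { return $false }
    $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
              -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $flags) { return $false }
    return (($flags -band $KillBitFlag) -ne 0)
}

# Sets the kill bit, OR-ing it into any flags already present so other
# compatibility bits for the control are preserved. Needs an elevated shell.
function Set-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    $key = Join-Path $CompatRoot $Clsid
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                 -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $existing) { $existing = 0 }
    Set-ItemProperty -Path $key -Name 'Compatibility Flags' `
        -Value ($existing -bor $KillBitFlag) -Type DWord
}

# A control that has no InprocServer32 registration cannot be loaded at all,
# so check that first to avoid reporting a false sense of exposure.
function Test-ActiveXRegistered {
    param([Parameter(Mandatory)][string]$Clsid)
    return (Test-Path "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\InprocServer32")
}

if (Test-ActiveXRegistered $WebViewFolderIconClsid) {
    if (Test-ActiveXKillBit $WebViewFolderIconClsid) {
        "Kill bit already set for $WebViewFolderIconClsid"
    } else {
        Set-ActiveXKillBit $WebViewFolderIconClsid
        "Kill bit set for $WebViewFolderIconClsid; IE will no longer instantiate it"
    }
} else {
    "Control $WebViewFolderIconClsid is not registered on this machine"
}
```

On 64-bit Windows the 32-bit browser reads the same key under HKLM:\SOFTWARE\Wow6432Node\..., so a deployment script should set both locations. Setting the kill bit is a workaround only; the vendor patch for the control remains the actual fix.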