1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Microsoft Agent Remote Code Exec

HTTP Microsoft Agent Remote Code Exec

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempts to exploit a vulnerability in Microsoft Agent which could result in remote code execution.

Additional Information

A remote code execution vulnerability exists in Microsoft Agent in the way that it processes URLs.

Microsoft Agent is an ActiveX control object which hosts a set of programmable software services that supports the presentation of interactive animated characters within the Windows interface. An exploitable condition exists in the Agent.Charactor.Load methods. When a malformed URL is processed, a memory corruption error may result that can cause an access violation or allow code execution.


  • Windows


Upgrade to the latest version of Microsoft Agent and ensure that all patches are applied.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube