1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP MS OLE Automation Remote Code Exec

HTTP MS OLE Automation Remote Code Exec

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a vulnerability in Microsoft OLE Automation which could lead to remote code execution.

Additional Information

A remote code execution vulnerability exists in Object Linking and Embedding (OLE) Automation that could allow an attacker who successfully exploited this vulnerability to make changes to the system with the permissions of the logged-on user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Affected

  • Windows 2000 SP4
  • Windows XP SP2
  • Windows XP Prof x64 Edition and Windows XP Prof x64 Edition SP2
  • Windows Server 2003 SP1 and Windows Server 2003 SP2
  • Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition SP2
  • Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista; Windows Vista x64 Edition
  • Microsoft Office 2004 for Mac
  • Microsoft Visual Basic 6.0 SP6

Response

Download and install all patches from the vendor related to this issue.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube