Microsoft Warns of New Windows Zero Day Flaw

Microsoft has released a security advisory with workarounds for a critical zero day vulnerability affecting Windows users and warned that malicious hackers are already exploiting the flaw in live attacks.

The advisory provides prepatch mitigation for a bug in Microsoft XML Core Services, formerly known as the Microsoft XML Parser, a service that lets users create applications that interoperate with the XML 1.0 standard.

The vulnerability is caused by an unspecified error in the XMLHTTP 4.0 ActiveX Control and is rated "extremely critical" by security alerts aggregator Secunia, in Copenhagen, Denmark. Microsoft Warns of New Windows Zero-Day Flaw

Linked by shanmuga Tuesday, 7th November 2006 7:01AM