Flaws in ActiveX controls are being increasingly used to run security exploits

Arbitrary file overwrite and deletion flaws, typically exploited through ActiveX controls, are well on the way to becoming a new class of security flaw, according to net security firm Symantec.

"These vulnerabilities exist particularly because of a registered ActiveX control failing to restrict which domains may load the control for execution. An attack exploiting this vulnerability can lead to arbitrary code execution by a remote attacker," a blog posting by Symantec researcher Parveen Vashishtha warns. Rogue ActiveX controls menace users | Channel Register

Linked by shanmuga Friday, 26th October 2007 11:58PM

20% off Spyware Doctor and Registry Mechanic - use coupon code: pctools20. Click Here Now!

$10 off on Spy Sweeper. And shop safe this holiday season. Click Here Now!

15% on Norton AntiVirus 2008 - coupon code: 10NAV08. Click Here Now!

Back to: PC Security, privacy news

More News, Articles from elsewhere

Only one in 28 emails legitimate

Registry Sentinel Removal

AntivirusMaster Removal

For safer browsing

Protect Your Identity, Protect Your Pocket

Symantec: Microsoft Access ActiveX attacks will intensify

Windows XP SP3 Hits Microsoft’s Automatic Update Service

Browser Security: IE vs. Safari vs. Firefox

If you browse with Internet Explorer, get the latest version

Several vulnerabilities closed in the Linux kernel

8 Best Practices for Encryption Key Management and Data Security

Free Honeypot Client Could Sting Malware

What Firewalls Do & Donot Do

Opera Continues to Lead the Pack

Zonebak Trojan Removal

PCAntiSpyware Removal

The ultimate identity theft: house stealing

Fake Google Calender meeting invitations used in new spam attack

Spam Goes More and More Mobile

Should Microsoft Throw Away Vista?

Angry Vista users vent over SP1 driver issues

Safari 3.1 Crashes On Windows XP, Users Complain

Symantec fingers D Link for bot attacks

Want Vista SP1? Here is what to expect

99 Windows Vista Performance Tips and Tweaks

How to Remove AVMaster (AVMaster removal)

How to Remove AntivirusMaster (AntivirusMaster removal)

Norton 2009 products open to public beta

How to Remove Pakes Trojan (Pakes Trojan removal)

How to Remove TheRegistrySentinel (TheRegistrySentinel removal)

Security lapse exposes Facebook photos

Top Tips to Mobile Data Security

iPhone DoS vulnerability

Kaspersky launches Mobile Security 7.0 protection for smartphones

Mobile subscribers showered with spam

HOW TO: Install Ubuntu, Ubuntu Installation Guide

HOW TO: Synchronize Folders Between Computers

HOW TO: Set Up Dynamic DNS

HOW TO: Install Safari on Ubuntu with Flash and Shockwave!

HOW TO: Read The Wall Street Journal’s Web site for free

The fine print

All trademarks, product names and company names or logos cited herein are the property of their respective owners. News content is the property of their respective authors/owners/publishers.

Malware Help. Org does not represent, warrant, or endorse the accuracy, reliability, completeness or timeliness of any of the information, content, views, opinions, recommendations or advertisements contained on, distributed through, or linked, downloaded or accessed from any of the information contained in this News Story.

By reading this you understand and agree that everything that is written in this article is for educational use only, and none of it should be used at any circumstances, and if you choose to use this information for any kind of action you take full responsibility for it and release Malware Help. Org (c) of any responsibility. If you do not agree to whats written here, LEAVE NOW!

Webmasters! Don't want your site's news/articles appear here, No problem, please drop me a line, Malware Help. Org will be happy to comply with your wishes.

About the RSS News feeds and News articles from other sites