Danger Streaming Michael Jackson Video
The timing couldn’t have better for the bad guys. Microsoft recently acknowledged a zero-day vulnerability in a Video ActiveX control. Today a temporary patch was released using their new “Fix It”.
This vulnerability only affects Windows XP and Windows Server 2003. The attack can occur when attempting to stream video from a web page or an Email. While popular news organizations are safe I’ve already had unconfirmed reports of fake Michael Jackson videos that include malware packaged up using this known vulnerability.
The filename of the ActiveX control is msvidctrl.dll so if you’re asked to allow this ActiveX control to be installed you won’t want it. For more information Click Here. Meanwhile, if you’re using any version of Windows XP or Server 2003 click the link above and follow instructions from Microsoft.