ActiveX bug resurfaces

It hasn't been a great week for security... has it?

Yet another potentially devastating flaw inherent to Microsoft's Web language ActiveX has been revealed on SecurityForum's message-board "Bugtraq". The latest opening allows the kernel of Windows 98 or Windows NT computers to be permanently deleted from an applet embedded in a Web page.

Although Microsoft has already released a fix for the problem which makes it possible for a user to overwrite the kernel of a Windows 98 or Windows NT machine at the touch of a button, millions of users remain at risk according to Bugtraq.

Saul Hazledine, a regular contributor to Bugtraq, highlighted this latest exploit. There is also a fully working example posted on this Web page. This page should not, however, be visited without due care. Unless the ActiveX controls in Internet Explorer are de-activated, the links it contains have the potential to do serious damage to anyone using Windows 98 or Windows NT.

Take me to Hackers

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All