Infocon raised to yellow for Excel Activex vulnerability

July 14, 2009 | Jaime Blasco
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

Microsoft has released an advisory related to Office Web Components Activex. The ISC has raised the Infocon to yellow due to the active exploitation of the vulnerabilityfrom several .cn domains.

Alienvault’s feed customers are protected and covered with these directives:

  • 45050: AV Possible Malicious Server exploiting Excel ActiveX Client against DST_IP (CVE-2009-1136)
  • 45051: AV Possible Excel ActiveX Client side attack detected against SRC_IP (CVE-2009-1136)
  • 45052: AV Possible Excel ActiveX Client Side Attack against DST_IP from a compromised host (CVE-2009-1136)
  • http://isc.sans.org/diary.html?storyid=6778

    http://www.microsoft.com/technet/security/advisory/973472.mspx

    Jaime Blasco

    About the Author: Jaime Blasco
    Jaime Blasco is a renowned Security Researcher with broad experience in network security, malware analysis and incident response. At AlienVault, Jaime leads the Lab Intelligence and Research team that leads the charge of researching and integrating threat intelligence into detection mechanisms. Prior to working at AlienVault he founded a couple of startups (Eazel, Aitsec) working on web application security, source code analysis and incident response. He is based in San Francisco. Jaime's work in emerging threats and targeted attacks is frequently cited in international publications such as New York Times, BBC, Washington Post and Al Jazeera.
    Read more posts from Jaime Blasco ›

    ‹ BACK TO ALL BLOGS

    Watch a Demo ›
    GET PRICE FREE TRIAL