Microsoft has issued a new security advisory for a critical security issue that could potentially enable an attacker to take control of a users PC by way of Internet Explorer (IE) through the Microsoft Video ActiveX Control on Windows XP and Server 2003 platforms. Microsoft offers a work-around in its advisory to let users disable the ActiveX Control in question. According to the advisory Microsoft is currently working on a security update to fix the flaw as well.
This time around Microsoft Vista users are not at risk. Thanks to the way that Vista provides permissions to IE, this particular flaw doesn’t pose a risk to Vista users – only XP users. Considering that there are so many Windows XP clients and Server 2003 hosts running out there – this could be a risky flaw for most of us.
Check out the workarounds as provided in the MS security advisory and take appropriate action.