An Exploit That Targets Developers
Towards the end of last week a vulnerability affecting Microsoft's Visual Studio was identified in the wild, though it isn't known just how widespread the attacks are at this stage.
While the mechanism of the vulnerability, an ActiveX control buffer overflow leading to remote code execution, isn't exactly new, it is the target (and the fact it is being actively targeted) that makes it somewhat interesting.
In the past there have been proof of concept and limited release vulnerabilities targeting developers, reverse engineers, forensic analysts, and a range of other service providers. What hasn't really happened with any of the previous examples is a move to exploitation in the wild.
Developers who are not able to separate their development environment from the Internet, and who use their development systems to surf the Internet, will be at greatest risk from this particular exploit. With the increasing levels of high quality online development libraries and code samples, it is becoming rarer that developers maintain a clear separation between the two and so the vulnerable userbase is actually quite a high proportion of the total number of Visual Studio installations.
If you have Visual Studio 6 installed and you want to be protected against the vulnerability in the Msmask32.ocx ActiveX Control, either install version 6.0.84.18 (reported to be fixed in this version), or set the killbit for the following CLSID in the Registry :
{C932BA85-4374-101B-A56C-00AA003668DC}.
18 August 2008
Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.
Comments will soon be available for registered users.
Subscribe to our feed.