We’ve got a live one here, folks. This one was posted a few hours ago over on Secunia. It is rated as Extremely Critical and provides remote access. There is a workaround from Microsoft.
From Secunia:
“Description:
A vulnerability has been reported in Microsoft Visual Studio, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to an unspecified error in the WMI Object Broker ActiveX Control (WmiScriptUtils.dll).
Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website using Internet Explorer.
The vulnerability is reported in Microsoft Visual Studio 2005.
NOTE: The vulnerability is already being actively exploited.
Solution:
Microsoft has recommended various workarounds including setting the kill-bit for the affected ActiveX control (see the vendor’s advisory for details).
Provided and/or discovered by:
Discovered as a 0-day.
Sample exploit provided by Michal Bucko (sapheal), hack.pl.”
And here is the Microsoft Advisory
UPDATE: This is now being actively exploited!