By Mike Kent

July 6, 2009 1:57PM

Microsoft has warned of an Internet Explorer vulnerability involving its Video ActiveX Control that could let an attacker take control of a PC. Microsoft said the vulnerability affects Windows XP and Windows Server 2003. It offered a workaround to the IE ActiveX hole that it said should also be used for Windows Vista and Windows Server 2008.

Microsoft has warned of a vulnerability in its Video ActiveX Control that affects Windows XP and Windows Server 2003. The software giant said there have been limited attacks exploiting the vulnerability. The flaw could be exploited by a visit to a malicious Web site and allow an attacker to take control of a PC. Microsoft said it is working on a security update, and meantime advised that users prevent Microsoft Video ActiveX Control from running in Internet Explorer. The steps to stop the control in IE are a bit complex, but Microsoft offers a "Fix it for me" option at http://support .microsoft.com/kb/972890. Microsoft also recommends users of Windows Vista and Windows Server 2008 take these steps. The Microsoft Video ActiveX Control connects DirectShow filters for video and is used in Windows Media Center. When the control runs in Internet Explorer, it can corrupt the system so that an attacker can run arbitrary code. Security vendor Symantec said the vulnerability affects IE6 and IE7, but not IE8.

Microsoft/Windows 1. Ballmer Says Windows 7 Sales Good 2. Office 2010 Integrates with the Web 3. MS Told To Stop Some Windows Sales 4. Microsoft Releases Multiple Betas 5. IE9 Likely To Access PC Hardware

Have an informed opinion on this story? Send a Letter to the Editor.

We want to know what you think. Send us your Feedback.

Related Topics	Latest News & Special Reports
Microsoft Internet Explorer Vulnerability ActiveX Windows XP Windows Server 2003 Workaround	Barnes & Noble Nook Is Delayed   Ballmer Says Windows 7 Sales Good   New Pogoplug 'Cloud' Gets Social   Chrome OS Team Aims for Speed   FAA Glitch Causes Air Travel Delays