‘Critical’ Flaw in Visual Studio 2005?

Posted on November 3, 2006 by Dragan Pleskonjic

A vulnerability has been reported in Microsoft Visual Studio, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to an unspecified error in the WMI Object Broker ActiveX Control (WmiScriptUtils.dll). Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website using Internet Explorer. The vulnerability is reported in Microsoft Visual Studio 2005.

Microsoft says it is investigating and may issue an out-of-cycle patch to resolve a bug.

Source internetnews.com. Read article here.

Read Secunia advisory here.

Share

About Dragan Pleskonjic

Chief Security Officer, University Lecturer, Entrepreneur, Security Researcher, Security Architect & Adviser, Software Development Manager. More info about Dragan Pleskonjic.
This entry was posted in Operating Systems and Application Security, Security. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>