As mentioned in the
previous post
there's a new 0-day vulnerability in Microsoft's
ActiveX Video Controls, more specifically in the
file msvidctl.dll. Microsoft now has
published an advisory
about the vulnerability and in the advisory they
recommend that you set the killbit to disable the
vulnerable CLSIDs, all 45 of them.
As
this vulnerability is actively being used in
drive-by downloads it's a good idea to do this.
Or,
you could download our free Internet Security
Technology Preview or our standalone
ExploitShield
beta, which also protects against this —
proactively, without the need for updates.
We
tried our Internet Security Technology Preview (on
which our upcoming 2010 product will be based) and
its Browsing Protection against this new exploit
and it worked like a charm. It blocked the exploit
attempt without the need for any
signatures/shields. The generic exploit protection
is pretty awesome, as is ExploitShield itself.
Here's
a video of how ISTP does against the new
vulnerability and what happens if you disable
parts of the protection technologies.