Looks like there is another ActiveX vulnerability. If you are unfamiliar with ActiveX, basically, a web page can do stuff like read and write files when you use Internet Explorer and allow ActiveX options. This nice for the Microsoft Update site to see which files it needs to update, but that’s about it in my opinion. Sure, there is a pop-up that asks you if you want to allow a website to use ActiveX but history shows that too many people allow ActiveX when the shouldn’t. There is an unbelievable amount of attacks that use ActiveX. That’s one of the main reasons I use Firefox instead of Internet Explorer, it doesn’t have ActiveX so you don’t have to worry. Google’s Chrome is another web browsers that doesn’t have ActiveX.
Our friends over at the Internet Storm Center are keeping an active eye on this new vulnerability. You can read all about it and follow their updates here. So do your Microsoft Updates, several just came out, and if you really want to be safe, stop using Internet Explorer or use it as little as possible and switch to Firefox, Chrome or even Opera. Stay Safe.
