Vulnerability Note VU#810772

Microsoft Agent fails to properly handle specially crafted .ACF files

A vulnerability exists in the way that Microsoft Agent handles specially crafted .ACF files. Exploitation can occur when a remote attacker convinces the user to visit a specially crafted web site.

Microsoft states that the following systems are affected:

• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition

Microsoft has released updates in Microsoft Security Bulletin MS06-068 to address this issue.

Workarounds

Microsoft has provided the following workarounds, please reference MS06-068 for further information.

• Temporarily prevent the Microsoft Agent ActiveX control from running in Internet Explorer
• Configure Internet Explorer to prompt before running ActiveX Controls or disable ActiveX Controls in the Internet and Local intranet security zone
• Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones

http://www.microsoft.com/technet/security/bulletin/ms06-068.mspx
http://secunia.com/advisories/22878/
http://www.securityfocus.com/bid/21034

Credit

Thanks to Microsoft Security for reporting this vulnerability in Microsoft Security Bulletin MS06-068.

This document was written by Katie Steiner.

Other Information

If you have feedback, comments, or additional information about this vulnerability, please send us email.