Hewlett-Packard Company Affected

Notified:  October 01, 2008 Updated: June 09, 2009



Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


This issue is addressed with the HP Virtual Rooms client 7.01. This update sets the kill bit for the vulnerable version of the ActiveX control, while providing an updated version with a different CLSID. Please see the HP Virtual Rooms 7.01 release notice for more details. This control is also disabled in Internet Explorer with the update for Microsoft Security Advisory (969898).