Notified: April 11, 2008 Updated: April 11, 2008
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: June 06, 2008
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
From the HP Support Document: To install HP Instant Support - v1.0.0.24 or later, choose to “launch an online diagnostic session�? from the Instant Support Professional edition web site: http://www.hp.com/go/ispe The vulnerabilities can also be resolved by the following procedure: Set the kill bit for the vulnerable ActiveX control's Class identifier (CLSID) {14C1B87C-3342-445F-9B5E-365FF330A3AC} . The kill bit is set by modifying the data value of the Compatibility Flags DWORD value for the CLSID of this ActiveX control to 0x00000400. This is explained in Microsoft's article KB240797 or subsequent. http://support.microsoft.com/kb/240797