Actively Exploited Microsoft Security Vulnerability
Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution
Unpatched, critical, security vulnerability in Microsoft XML Core Services is actively being exploited by attackers.
By simply visiting the website on vulnerable machine, the computer can become infected.
Here are the provisions of this bug:
- Web-based attack scenario, which means users have to be led to the site to exploit the vulnerability through a specifically crafted link (such as email message, instant message, etc.)
- If the attacker successfully exploits this flaw and gets on to the victim’s machine, it will obtain the same user rights as the current user logged in. Depending on the type of account (limited or administrator), will declare the ability of the malware.
CVE entry: CVE-2012-1889
Microsoft KB entry: KB2719615
A temporary fix is in place by Microsoft: Fix-It – Please secure your system now! The final fix is being developed by Microsoft.
- Microsoft XML vulnerability under active exploitation (googleonlinesecurity.blogspot.com)
- IE remote code execution vulnerability being actively exploited in the wild (nakedsecurity.sophos.com)
You may want to consider purchasing Malwarebytes’ Anti-Malware to protect against these types of threats.