The folks from Redmond, Washington (MS) are warning folks that cyber criminals are targeting a previously unknown security vulnerability in Windows XP and Server 2003 to compromise PC's. Microsoft has instructions on how to protect yourself from this flaw.
Microsoft said that the vulnerability can be used to install malware on the victim PC if they can get you to browse to a hacked or booby trapped Web site that the criminal controls. The Internet Storm Center is warning folks to take action now due to a report that thousands of newly compromised Web sites have been seeded with the exploit code for this vulnerability. The ISC is also reporting that the exploit code has been posted to numerous Web sites in China. Symantec is reporting that one site that is now seeding this attack is the Russian Embassy in DC.
The flaw is in Internet Explorer versions 6 or 7. Seems that Internet Explorer 8 is not vulnerable to this attack.
Microsoft says that the problem lies in the DirectShow ActiveX Control. They are reportedly working on this to get a patch released soon. The normal Microsoft patch cycle is due to be released on the second Tuesday of July. Not really sure that they will be able to get a patch ready by this date so they are recommending to folks that they should consider disabling the feature because there doesn't seem to be any by-design uses for this ActiveX control in IE (Internet Explorer). Most folks out there use IE as their default browser so this is VERY important. To enable the Microsoft work around, click here, then click on the "Fix This Problem" icon.
Microsoft is also saying that "while Windows Vista and Windows Server 2008 customers are not affected by this vulnerability, we recommend that they also implement the workarounds as a defense-in-depth measure." To read more information on this topic, click here to view the Internet Storm Center post.
Stay safe out there and if you are on the vulnerable systems, take this action now. Have a fabulous rest of the week.