Zero Day Attack Targets IE – Kaseya Posts Fix in Hours

On July 6th Microsoft Security Advisory reported a vulnerability in Microsoft Video ActiveX Control that could allow remote code execution.

Many security researchers have given the vulnerability the highest security rating. Haowei Ren and Geok Meng Ong said in their McAfee Avert Labs blog that the web exploit tool toolkit also sends a “cocktail of exploits,” including XMLhttp.d, RealPlay.a, BBar and MS06-014, as well as the zero-day MSDirectShow.b. [via EWeek Europe]

Within hours Ben Lavalley, Sr. Sales Engineer at Kaseya, posted an automated resolution to the issue on the Kaseya forum.  The agent based framework and automation functions within Kaseya allow IT Administrators to respond rapidly to situations such as these.

If you are a Kaseya customer, you can grab Ben’s code here.  If you have any issues, be sure to respond within the forum. Good luck to all!

2 Responses to “Zero Day Attack Targets IE – Kaseya Posts Fix in Hours”

  1. Randy July 10, 2009 at 11:14 am #

    Has anyone experienced slow performance on the internet after deploying this script?

Leave a Reply:

Gravatar Image