MS Security Advisory (925444) Question

[Guest]

Vulnerability in the Microsoft DirectAnimation Path ActiveX Control Could
Allow Remote Code Execution
Published: September 14, 2006 | Updated: September 27, 2006

Any updated news about this?

The reason I ask is I have taken the recommend action of setting the "kill
bit" but would like to unset it when the patch comes out, before applying the
patch.

Also, How does this affect people who allow the install of IE7-G who have
the "kill bit" set? Is 7 vunerable? If not, Should they Unset it Before they
allow the install, or should they unset it After the install?

This might be a good thing to know before
"G Day", Nov 1st 2006, a date which will live in ...," well never mind.

?
Tim
Geek w/o Portfolio
Alphas and Betas and Gammas, Oh My!
Tantum Suspiciosissimi Supersunt

 

[Guest]

Hello Tim,

I remember read something about the patch, (but right now I don't remember
where).

What I have in the back of my memory, is this, you can override the patch
with only accepting the D/L or serchaing for the same.

Probably somebody else can shine the light better.

 

[Guest]

I think I get the information thru US-CERT government, but I can not find it.

http://www.us-cert.gov/reading_room/securing_browser/

http://www.us-cert.gov/cas/alerts/SA06-258A.html

Subscribe to a mailing list
http://www.us-cert.gov/cas/

You can subscribe to those Homeland Security emails and get all the
national warnings, etc, along with computer security.