The flaw, known as a zero-day
vulnerability, is viewed as “extremely critical” by one security research
Microsoft said while it knows of proof of concept code published publicly,
it said any exploit would cause only “limited attacks.” The software maker
also released a security advisory suggesting ways users could avoid the flaw.
The vulnerability, part of the WMI Object Broker ActiveX found in the
WmiScriptUtils.dll file, could allow attackers to gain administrator access.
Users would need to visit Web sites that include the exploit, according to
Additionally, users of Visual Studio 2005 running on Windows Server 2003 or
Windows systems with IE7’s default configuration are not vulnerable to the
Microsoft said it would wait until its investigation ends before
deciding whether to issue a fix before its regular patch session.
Danish security firm Secunia rated the flaw “critical” and said on its Web site that it is already being actively exploited.
Not everything is critical for Secunia, as it is downplaying reports of a newly
discovered Windows XP flaw. The vulnerability is within the Windows Internet
Connection Service, part of the operating system enabling users to
share Internet connections on a local area network.
While the flaw could cause Windows Firewall to be disabled and open users to
some risk, an attacker would need to be a part of the local area network to access the system. The firm issued a rather simple solution to use a router instead of ICS to
share your Internet connection.