Alerts
BOOKMARK THIS ALERT
digg
|
del.icio.us
|
reddit
newsvine
|
furl
|
technorati
MS06-067
Date:11.14.2006
Threat Type: Malicious Website / Malicious Code
Websense® Security Labs™ received proof of concept code for a vulnerability in the "DirectAnimation ActiveX Control" in September 2006. Since that time our miners have been searching for sites that are exploiting this vulnerability. Multiple sites were discovered to be actively exploiting this in the wild. The majority of these sites have been installing a variant of the HaxDoor backdoor/keylogger.
Infected Site Screenshot:
Today Microsoft released MS06-067 to address this vulnerability. Because this vulnerability is being exploited in the wild, we recommend that you apply this patch as soon as possible.
- http://www.microsoft.com/technet/security/bulletin/ms06-067.mspx
- http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4446