Monday, July 07, 2008

Microsoft Security Advisory 955179

Microsoft has released Security Advisory 955179, "Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution".

The vulnerability only affects the ActiveX control for the Snapshot Viewer for Microsoft Office Access 2000, Microsoft Office Access 2002, and Microsoft Office Access 2003. The ActiveX control is shipped with all supported versions of Microsoft Office Access except for Microsoft Office Access 2007. The ActiveX control is also shipped with the standalone Snapshot Viewer.

There are manual workarounds included in the Advisory which Microsoft has tested. However, those workarounds require editing the registry. A simpler solution is available for WinPatrol users.
  1. Launch WinPatrol and select the ActiveX tab.
  2. Be sure the "List non-Microsoft controls only" box is UNchecked.
  3. Click on the CLSID column twice to sort in reverse order.
  4. One-by-one, scroll to each of the CLSID entries below.
  5. Select the line and click "Disable".
  6. Accept the prompt.
After Microsoft has issued an update, merely reverse the process.

For further information on this advisory, see Snapshot Viewer ActiveX Control Vulnerability and Security Advisory 955179.

Additional information about ActiveX control in WinPatrol 2008 is available in Announcing WinPatrol 2008 With ActiveX Control

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: