New Zero-day Exploit Discovered

News of a newly discovered zero-day exploit is percolating across the Web as I type. But, while the hole is pretty serious, there's still a lot of confusion as to how many users are at risk. And to be clear, there are no attacks going on in the wild that we know of at this […]

Share online:

News of a newly discovered zero-day exploit is percolating across the Web as I type. But, while the hole is pretty serious, there's still a lot of confusion as to how many users are at risk. And to be clear, there are no attacks going on in the wild that we know of at this point.

This particular flaw is not in a piece of Microsoft software but in third-party software that Microsoft includes as part of its DirectX Media Software Developers Kit (SDK). Like many exploits we've seen lately, this is in the form of an ActiveX control – a technology Microsoft developed in the late 90s for creating plug-ins for various programs, especially Internet Explorer.

How to get attacked? First you have to have the flawed ActiveX control on your PC. According to security researcher Secunia, this one is from Live Picture Corp. and it's called DXSurface.LivePicture.FLashPix.1 (DXTLIPI.DLL).

Full Article

Internet, Web, Security, Flaw, Vulnerabilities, Zero-day, Exploits

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he’s engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.