MS Active-X exploit

Are we protected from the latest 0-day exploit to IE? If so, which versions?

Thanks.

http://blogs.pcmag.com/securitywatch/2009/07/zero-day_exploit_hits_windows.php

 

^ there

 

The "Fix it for me" solution is recommended if it applies to you.
http://support.microsoft.com/kb/972890

 

Right I realize that. But I have many clients not on Vista or IE8.

 

See >
http://isc.sans.org/diary.html?n&storyid=6739

http://blogs.technet.com/msrc/archive/2009/07/06/microsoft-security-advisory-972890-released.aspx

http://www.dslreports.com/forum/r22660114-Critical-0day-Microsoft-DirectShow-Vulnerability-exploited

This is developing as the KB is a workaround until MS releases a full patch !

Posted *As Is* thank you. Proceed at your own risk and peril.

 

AV software will not protect against a vulnerable library being used as an infection vector; no AV software will do this. If malicious content comes down to the system and the signatures or heuristics can detect it, then Nod32 will protect your system. You are best off running the FixIt .msi package from Microsoft which will install the Killbits CLSID's to keep this library from launching in IE.