Microsoft Security Advisory: Vulnerability in Microsoft Video ActiveX control could allow remote code execution

Article translations

(ישראל (עברית

(الشرق الاوسط (العربية

Brasil (Português)

Danmark (Dansk)

Deutschland (Deutsch)

España, Latinoamérica (Español)

France (Français)

Italia (Italiano)

Magyarország (Magyar)

Nederland (Nederlands)

Norge (Norsk Bokmål)

Polska (Polski)

Portugal (Português)

Suomi (Suomi)

Sverige (Svenska)

Türkiye (Türkçe)

United States (English)

Česká republika (Čeština)

Ελλάδα (Ελληνικά)

Россия (Русский)

भारत (हिंदी)

ไทย (ไทย)

中国 (简体中文)

台灣 (繁體中文)

日本 (日本語)

대한민국 (한국어)

Support for Windows XP ends April 8, 2014

Microsoft will end support for Windows XP on April 8, 2014. This change will affect your software updates and security options.
Learn what this means for you and how to stay protected.

Article ID: 972890 - View products that this article applies to.

System TipThis article applies to a different version of Windows than the one you are using. Content in this article may not be relevant to you.Visit the Windows 7 Solution Center

If you are a Small Business customer, find additional troubleshooting and learning resources at the Support for Small Business site.

Expand all | Collapse all

INTRODUCTION

Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/advisory/972890.mspx

(http://www.microsoft.com/technet/security/advisory/972890.mspx)

RESOLUTION

Microsoft has completed the investigation into a public report of this vulnerability. We have issued security bulletin MS09-032

(http://go.microsoft.com/fwlink/?LinkId=157386)

to address this issue. For more information about this issue, including download links for an available security update, please review security bulletin MS09-032. The vulnerability that is addressed is the Microsoft Video ActiveX Control Vulnerability - CVE-2008-0015.

For more information about how to obtain the security update release that resolves this issue, click the following article number to view the article in the Microsoft Knowledge Base:

973346

(http://support.microsoft.com/kb/973346/ )

MS09-032: Cumulative Security Update of ActiveX Kill Bits

For more information about security bulletin MS09-032, visit the following Microsoft Web page:

http://go.microsoft.com/fwlink/?LinkId=157386

(http://go.microsoft.com/fwlink/?LinkId=157386)

For more information about the Video ActiveX Control Vulnerability, visit the following Microsoft Web page:

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0015

(http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0015)