Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft Web site:
Microsoft has completed the investigation into a public report of this vulnerability. We have issued security bulletin MS09-043 to address this issue. For more information about this issue, including download links for an available security update, please review security bulletin MS09-043. The vulnerability that is addressed is the Microsoft Office Web Components Control Vulnerability - CVE-2009-1136.
For more information about how to obtain the security update release that resolves this issue, click the following article number to view the article in the Microsoft Knowledge Base:
957638 MS09-043: Cumulative Security Update for ActiveX Kill Bits
For more information about security bulletin MS09-043, visit the following Microsoft Web page:
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE Zero Day