A vulnerability has been reported in Microsoft Visual Studio, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to an unspecified error in the WMI Object Broker ActiveX Control (WmiScriptUtils.dll). Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website using Internet Explorer. The vulnerability is reported in Microsoft Visual Studio 2005.
Microsoft says it is investigating and may issue an out-of-cycle patch to resolve a bug.
Source internetnews.com. Read article here.
Read Secunia advisory here.