‘Critical’ Flaw in Visual Studio 2005?

A vulnerability has been reported in Microsoft Visual Studio, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to an unspecified error in the WMI Object Broker ActiveX Control (WmiScriptUtils.dll). Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website using Internet Explorer. The vulnerability is reported in Microsoft Visual Studio 2005.

Microsoft says it is investigating and may issue an out-of-cycle patch to resolve a bug.

Source internetnews.com. Read article here.

Read Secunia advisory here.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.