MS.Windows.hxvz.dll.ActiveX.Control.Memory.Corruption
Description
In April 08, 2008, Microsoft released a Security Bulletin MS08-023 regarding one privately reported vulnerability for a Microsoft product. This update also includes a kill bit for the Yahoo! Music Jukebox product. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
An anonymous researcher working with the iDefense VCP for reporting the ActiveX Object Memory Corruption Vulnerability - CVE-2008-1086. A remote code execution vulnerability exists in the ActiveX control hxvz.dll. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user
The security update is rated Critical for Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4; Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4; Windows XP Service Pack 2; and Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2.
The security update is rated Important for Windows Vista and Windows Vista Service Pack 1; and Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1.
The security update is rated Moderate for all supported editions of Windows Server 2003.
Affected Products
Microsoft Internet Explorer 5.01 SP4 and Internet Explorer 6 SP1 in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008.
Impact
The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Recommended Actions
As detailed in Microsoft Security Bulletin MS08-023, Microsoft recommends that customers apply the update immediately.
For FortiGate users, turning on these IPS signatures can prevent exploitation of this vulnerability:
MS.hxvz.dll.ActiveX.Control.Memory.Corruption
MS.hxvz.dll.Unknown.Parameter.ActiveX.Control.Memory.Corruption
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-10-12 | 16.941 | Name:MS. hxvz. dll. ActiveX. Control. Memory. Corruption:MS. Windows. hxvz. dll. ActiveX. Control. Memory. Corruption |