Creative Software AutoUpdate Engine Vulnerable to ActiveX Control Fault

A critical vulnerability in the Creative Software automatic update engine could put Windows computers in danger of arbitrary code execution from a remote place, according to an alert from the US-CERT (United States Computer Emergency Readiness Team), as reported by ZDNet on May 27, 2008.

The US-CERT officials said that an ActiveX bug haunts the Creative Labs AutoUpdate system. The flaw harms the software that helps to supply updates to Creative Labs' video-audio amusement product line that includes the widely accessed Zen MP3 player line.

eEye Digital Security, the company that reported the bug, disclosed that a proof-of-concept is posted on an exploit site established for public access. An ActiveX control of the Create Software AutoUpdate Engine is marked Safe for Initializ...

ยป SPAMfighter News - 17-06-2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page