Creative Software AutoUpdate Engine Vulnerable to ActiveX Control Fault
A critical vulnerability in the Creative Software automatic update engine could put Windows computers in danger of arbitrary code execution from a remote place, according to an alert from the US-CERT (United States Computer Emergency Readiness Team), as reported by ZDNet on May 27, 2008.
The US-CERT officials said that an ActiveX bug haunts the Creative Labs AutoUpdate system. The flaw harms the software that helps to supply updates to Creative Labs' video-audio amusement product line that includes the widely accessed Zen MP3 player line.
eEye Digital Security, the company that reported the bug, disclosed that a proof-of-concept is posted on an exploit site established for public access. An ActiveX control of the Create Software AutoUpdate Engine is marked Safe for Initializ...
» SPAMfighter News - 6/17/2008
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!