Microsoft XML Core Services XMLHTTP ActiveX Control Remote Code Execution Vulnerability

A remote code execution vulnerability has been confirmed in Microsoft XML Core Services XMLHTTP ActiveX Control. According to a report by FrSIRT


This flaw is due to a memory corruption error in the XMLHTTP ActiveX Control when processing specially crafted arguments passed to a “setRequestHeader()” method, which could be exploited by attackers to cause a denial of service or execute arbitrary commands by tricking a user into visiting a malicious Web page.


Microsoft has already released a security advisory for this and as of the moment is still investigating public reports.


Microsoft has also posted workarounds in their advisory in order to protect your systems while a patch is still unavailable.


We will update this blog as more information about the vulnerability is acquired.


Update (Jhoevine Capicio, Tue, 07 Nov 2006 03:28:16 AM)


Sunblet Blog has confirmed that this exploit is now being used in the wild.