Websense Security Labs alert : zero day exploit targeting Internet Explorer vulnerability
July 2009 by Websense
Websense® Security Labs ThreatSeeker Network is currently tracking legitimate sites that have been compromised to lead to a zero-day exploit targeting an Internet Explorer vulnerability. The compromised sites lead to a handful of payload sites hosting the exploit code which targets msvidctl.dll - an ActiveX control for streaming video.
The new zero-day exploit has been added to other exploits on Chinese payload sites. We have been monitoring these sites, which have been systematically injected throughout the last year.
Further information can be found at SecurityFocus who has assigned BID 35558 to this vulnerability. No vendor patch currently exists for this vulnerability.
ThreatSeeker is tracking this attack and we will provide updates as new information emerges.
Screenshot of malicious exploit code:
Websense® Messaging and Websense Web Security customers are protected against this attack.