MalwareTeks Blog

Security experts warn an unpatched vulnerability in Internet Explorer may be used to spread malware. A critical flaw in Microsoft’s Direct Animation Path (daxctle.ocx) ActiveX control has spawned proof of concept code but has not yet become the subject of widespread attacks. This proof of concept code can execute on a fully patched Windows XP SP2 system.

Affected Products
Microsoft Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows XP Service Pack 1
Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 Service Pack 1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 98
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 98 SE
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows Millennium Edition

No patch is forth coming and may not be available until next month’s Tuesday update. Microsoft is investigating the vulnerability. In the mean time restrict which sites you allow to run ActiveX controls or disable ActiveX controls altogether. A workaround is available from the SANS Institutes’s Internet Storm Centre. A simpler solution, until Microsoft releases a patch, is to use an alternative browser; such as Firefox or Opera.