Update on the FLEXnet Connect/InstallShield Update Service vulnerability
While doing some research on the security vulnerability in FLEXnet Connect and InstallShield Update Service I checked several versions of the agent.exe redistributable and it seems that it's using different CLSIDs in each release. The US-CERT advisory recommends setting the kill-bit for the control. But since its CLSID keeps changing this is quite difficult. The CLSID listed in the US-CERT article appears to apply only to the latest (= fixed) version. So (unless I'm mistaken, which is quite possible) the kill-bit workaround from US-CERT will NOT work and you are still vulnerable.