Fri, Jul 10 2009 1:09
A better, more reliable, work-around for the Microsoft Video Control Vulnerability
For the past few days I've been following the Microsoft Video Control Vulnerability with interest. Basically, it's another vulnerable ActiveX control that needs killbitted. Last night, Microsoft posted a work-around which involves using a Group Policy ADM template (ADM is the template format that was deprecated in Vista and Windows Server 2008). Unfortunately, the template tattoos the registry, which is not really recommended.
I contemplated for a while writing a work-around for this issue, but then remembered that I actually did; almost three years ago. The workaround I wrote then, for another ActiveX vulnerability will not tattoo the registry, and will be much simpler to deploy with an Enterprise Management System. Just take the CLSIDs from the advisory (there are 45 of them) and run my script that many times with the -k switch. If you wish to revert the change, run the same script with the -r switch.
Read the complete post at http://msinfluentials.com/blogs/jesper/archive/2009/07/09/a-better-more-reliable-work-around-for-the-microsoft-video-control-vulnerability.aspx
Filed under: Windows Security, Windows Vista, Mitigations, Windows Server 2008