By John Gable, Director of Consumer Product Management
There is a new Microsoft exploit that attacks silently in the background (aka, a new drive-by download). Microsoft has not yet deployed a patch and the instructions on how to implement this attack are available online for hackers. Thousands of sites have already been infected with the number increasing.
This vulnerability is within Microsoft DirectShow which runs within the browser via ActiveX. You are vulnerable if you are running Windows XP or Windows Server 2003 unless you have browser virtualization (available in ZoneAlarm Extreme Security. Good anti-virus solutions as standalone or within suites detect and remove the viruses that have so far been delivered through this exploit. Note that this exploit just points to a “hole” in your security – other viruses and malware could be delivered to your PC through this same hole which is why we and others recommend that you take steps to block this hole in the first place. It is not a good idea to rely purely on anti-virus to take care of this.
Of course, you can also just edit your registry. This might be a bit scary and could create problems if you make a mistake. Microsoft has do-it-yourself instructions as well as a “Fix it for me” program you can download to solve the problem.
Lots of news on this, including technical publications like TechWorld and InformationWeek as well as main stream outlets such as USA Today.