"There's an old ActiveX control hanging around many Windows systems that's still accessible to Internet Explorer, whose original purpose was to tune into MPEG2 transport streams -- typically live video streams sent from a server using MPEG2 format. Yes, MPEG2 transport streams still exist, but any more, browsers including IE8 have appropriate plug-ins to handle them -- Windows Media Player is one, Apple's QuickTime is another.
But still there's this ActiveX control sitting there doing nothing, waiting to be leveraged for an attack. Earlier today, Microsoft acknowledged a SANS Internet Storm Center report saying that there's an active exploit of this disused bit of functionality published on Chinese Web sites. Apparently malicious users are utilizing it now in "drive-by" attacks that could result, say security experts including Sophos' Graham Cluley, in installation and execution of nearly any malicious payload.
This morning, Microsoft security engineer Chengyun Chu noted that in order for a Web site to use this exploit to deliver this payload, the user would need to click on a link that launches that Web site. That makes Outlook relatively safe if that link is embedded in the type of e-mail message that says, "Check this out!" just so long as the user doesn't click on that link. In other words, the code cannot be triggered automatically through Microsoft's e-mail client."
See http://www.betanews.com/article/Dont...day/1246909464 for the rest of the article and details on how to make the activeX in question set to be as a 'killbit'.