netdef (netdef) wrote,

Windows Shell Vulnerability

Vulnerability in the Windows Shell could allow remote code execution.

The vector is Microsoft's WebViewFolderIcon ActiveX control (Web View). The vulnerability exists in Windows Shell and is exposed by the Web View ActiveX control.

Details and workarounds at

Public release of exploit code:

I would expect that with the public release of the vulnerability details and sample exploit code, we will see rising attacks on this over the coming weekend. It's recommended that people comfortable with editing the Registry go to that first Microsoft link and use the first work around (set the kill bit on the Active X control).

  • Moving onwards

    I've only been maintaining a technical blog for the last few years. Find me at I am also toying with resuming…

  • LOL moment today

    Several lines from this article caused near nasal fountains of coffee. Don't read while drinking! Smell you later, Axe. It turns out that there is…

  • Thinking about my near term future . . .

    Quote that hit home today: “When I was younger I could get so much more done. But I wouldn’t want to be any less than 50. That would be ideal.” --…

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded