ActiveX Security Advisory: What you need to know right now

Microsoft is actively investigating reports of a vulnerability in Microsoft’s Video ActiveX control that could allow remote code execution. Microsoft is working to develop a security update for Windows to address this vulnerability.

What you need to know

·         If you use Windows Vista or Windows Server 2008 you are not affected.

·         If you use Windows XP Service Pack 2 or Windows XP Service Pack 3 your computer might be affected.

·         The vulnerability might affect one of the main components that Microsoft Windows Media Center uses for recording and playing television video.

·         If you are logged on with administrative user rights, an attacker could take control of your system.

What you can do to help protect yourself

·         Turn on automatic updating so your computer will automatically download and install the security update when it is available.

·         If you have advanced technical knowledge and you want to enable a workaround right now, visit Microsoft Security Advisory: Vulnerability in Microsoft Video ActiveX control could allow remote code execution.


For more specific information about this vulnerability, see Microsoft Security Advisory (972890): Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution.

For more general information about your computer’s security, see 4 steps to protect your computer.

Share this post :

About the Author
Eve Blakemore

Group Manager, Trustworthy Computing

Eve Blakemore is a Group Manager for Trustworthy Computing who delivers consumer guidance around the latest trends in security and privacy. Eve joined Microsoft in 1998 and has worked in corporate and field roles with Microsoft Learning, US Public Sector, Read more »