Microsoft update KB980195 Addresses the vulnerability discussed under the Microsoft Security Bulletin MS10-034, which is part of the 10 new security update bulletins released on June 8, 2010.
MS10-034 addressed two privately reported vulnerabilities for Microsoft software. The vulnerability could allow remote code execution through a crafted web page setup by the attacker. If the user views that Web page and if that instantiates a specific ActiveX control with Internet Explorer, it allows the attacker to do a remote code execution. This particular update includes kill bits for four third-party ActiveX controls. This update sets the kill bits so that the vulnerable controls do not run in Internet Explorer.
As this updated is rated critical for most of the Windows operating systems, user must download this update immediate either by running the Windows Update (WSUS service) or from the direct links given at the end of this post.
Update Information:
Cumulative Security Update for ActiveX Killbits for Windows (KB980195)
Rating:
Critical: Windows 7, Windows Vista, Windows XP, Windows 2000 ; Moderate: Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2.
Direct Download Links:
Windows 7 | x64 | x86 |
Windows Vista | x64 | x86 |
Windows XP | x64 | x86 |
You might also want to download MS10-035 security update bulletin.