• info
• discussion
• exploit
• solution
• references

MS Visual Basic 6 Package and Deployment Wizard ActiveX Control Remote Code Execution Vulnerability

Solution:
Microsoft released security bulletin MS07-045 and fixes to address this issue. Please see the referenced bulletin for more information.


Microsoft Internet Explorer 7.0 beta1

• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4F8DAED8-9925 -494D-B2F5-1E29F4040F6A


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 64-bit IE (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=5BD7BCBD-528A -4A16-A39A-A5FF5F69A2E2


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=34669CA2-46B0 -4FBF-8FBD-AD7A13920103


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP Service Pack 2 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=7A2B4395-EABA -45EC-8D0C-932EBCC3D344


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=CD7ED4D5-7790 -41DB-8B68-CFD59105CA36


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=9AE27B2F-ACA4 -4758-8CE4-A98F1FF6BA70


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=53497E53-D10C -43AF-AD56-9F07739A5284

Microsoft Internet Explorer 7.0 beta3

• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4F8DAED8-9925 -494D-B2F5-1E29F4040F6A


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 64-bit IE (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=5BD7BCBD-528A -4A16-A39A-A5FF5F69A2E2


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=34669CA2-46B0 -4FBF-8FBD-AD7A13920103


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP Service Pack 2 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=7A2B4395-EABA -45EC-8D0C-932EBCC3D344


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=CD7ED4D5-7790 -41DB-8B68-CFD59105CA36


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=9AE27B2F-ACA4 -4758-8CE4-A98F1FF6BA70


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=53497E53-D10C -43AF-AD56-9F07739A5284

Microsoft Internet Explorer 7.0

• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4F8DAED8-9925 -494D-B2F5-1E29F4040F6A


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 64-bit IE (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=5BD7BCBD-528A -4A16-A39A-A5FF5F69A2E2


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=34669CA2-46B0 -4FBF-8FBD-AD7A13920103


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP Service Pack 2 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=7A2B4395-EABA -45EC-8D0C-932EBCC3D344


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=CD7ED4D5-7790 -41DB-8B68-CFD59105CA36


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=9AE27B2F-ACA4 -4758-8CE4-A98F1FF6BA70


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=53497E53-D10C -43AF-AD56-9F07739A5284

Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Security Update for Internet Explorer 6 SP1 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=8DB75461-4DCA -43DB-AA30-C7E67CE954AD

Microsoft Internet Explorer 6.0 SP2 - do not use

• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F2F9FB69-0399 -4DF0-9F5B-8F42A130C581


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit IE (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=BF41033A-D6F0 -451E-9B69-4CBE2BB3F804


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=D0BD886D-2C80 -4DD7-82B7-1BD1F8D398CC


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=5D31D916-867F -4DBF-B8A4-C75EA83F4F51


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=B15B2442-D6DA -41DD-A424-11C9893BE595

Microsoft Internet Explorer 7.0 beta2

• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4F8DAED8-9925 -494D-B2F5-1E29F4040F6A


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 64-bit IE (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=5BD7BCBD-528A -4A16-A39A-A5FF5F69A2E2


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=34669CA2-46B0 -4FBF-8FBD-AD7A13920103


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP Service Pack 2 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=7A2B4395-EABA -45EC-8D0C-932EBCC3D344


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=CD7ED4D5-7790 -41DB-8B68-CFD59105CA36


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=9AE27B2F-ACA4 -4758-8CE4-A98F1FF6BA70


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=53497E53-D10C -43AF-AD56-9F07739A5284

Microsoft Internet Explorer 5.0.1 SP4

• Microsoft Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB937143)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=FCF9440F-BB36 -4ED1-9B6B-74A4F055650B