Microsoft Visual Studio 2005 WMI Object Broker Remote Code Execution Vulnerability

Microsoft Visual Studio 2005 WMI Object Broker Remote Code Execution Vulnerability

Microsoft Visual Studio 2005 is prone to a vulnerability that could allow remote attackers to execute arbitrary code. This issue occurs because of an unspecified error in the WMI Object Broker ActiveX Control.

The vulnerability is triggered when a user visits a malicious website using Internet Explorer. Since arbitrary code execution is possible, a successful exploit could facilitate a complete compromise of the affected system.

Microsoft Visual Studio 2005 is reported affected. Implementations of Visual Studio 2005 on Windows Server 2003 and Windows Server 2003 Service Pack 1 with Enhanced Security activated are not vulnerable. Nor are Visual Studio 2005 users who are running Internet Explorer 7 with default security settings.