Published: 2008-07-12T21:16+00:00
Last Updated: 2008-08-15T06:50+00:00
TRTA08-189A
Microsoft Office Snapshot Viewer ActiveX Vulnerability
Overview
An unpatched vulnerability in the Microsoft Office Snapshot Viewer ActiveX control is being used in attacks.
Event Information
| Date (UTC) | Description |
| 2008-08-13 02:39 |
Microsoft MS08-AUG: Microsoft Security Bulletin Summary for August 2008 Included in this advisory are updates for newly discovered vulnerabilities. |
| 2008-08-13 02:39 |
Microsoft Microsoft Security Advisory (955179): Vulnerability in the ActiveX Control for theSnapshot Viewer for Microsoft Access Could Allow Remote CodeExecution Snapshot Viewer Arbitrary File Download Vulnerability (MS08-041, CVE-2008-2463) Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-041 to address this issue. |
| 2008-08-01 21:03 |
Symantec ThreatCON (1) => (2) A new attack vector for the Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download Vulnerability has been identified. Symantec has observed in-the-wild attacks leveraging a new vector of attack for this issue. The newly discovered vector greatly increases the severity of the flaw because users who do not have the Snapshot Viewer control on their system can be forced to download the control without interaction and can then be exploited. |
| 2008-07-09 10:38 |
Symantec Security Response Blog : Vulnerabilities & Exploits Microsoft Access Snapshot Viewer Exploited in Neosploit Wrapper On July 7, Microsoft released a Security Bulletin outlining a vulnerability in the Access Snapshot Viewer ActiveX control. On or about this date, our honeypots began detecting this vulnerability exploited in what I can only describe as a Neosploit wrapper. |
| 2008-07-08 17:49 |
US-CERT Microsoft Releases Security Advisory For Snapshot Viewer ActiveX Control US-CERT Current Activity Microsoft has released a Security Advisory to address a vulnerability in a Microsoft Access ActiveX control. By convincing a user to visit a specially crafted web page, a remote, unauthenticated attacker may be able to execute arbitrary code. The Advisory also indicates that the vulnerability is being used in active, targeted attacks. |
| 2008-07-07 20:06 |
US-CERT TA08-189A: Microsoft Office Snapshot Viewer ActiveX Vulnerability Via US-CERT Mailing List |
| 2008-07-07 19:13 |
SANS Internet Storm Center Microsoft Snapshot Viewer Security Advisory Microsoft earlier today released a Security Advisory which discusses a remote code execution vulnerability in the ActiveX control for Snapshot Viewer. The Snapshot Viewer ActiveX control enable the user to view an Access report snapshot without having the standard or run-time version of Microsoft Access. |
| 2008-07-07 18:19 |
Microsoft Microsoft Security Advisory (955179): Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution Microsoft is investigating active, targeted attacks leveraging a potential vulnerability in the ActiveX control for the Snapshot Viewer for Microsoft Access. |
| 2008-07-07 09:07 |
Microsoft Security Response Center Blog Snapshot Viewer ActiveX Control Vulnerability We've activated our Software Security Incident Response Process (SSIRP) to investigate and have identified steps customers can take to protect themselves in the workaround section. |
| 2008-07-07 |
IBM Internet Security Systems Microsoft ActiveX Snapshot Viewer for Microsoft Access RCE Snapshot Viewer Vulnerability (CVE-2008-2463) Microsoft ActiveX Snapshot Viewer for Microsoft Access could allow a remote attacker to execute arbitrary code on the system. Targeted active exploitation for this issue has been reported. |