BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Microsoft WMI Administrative Tools ActiveX Remote Code Execution

Disclosed December 22, 2010    Partially Patched

Vulnerability Description:

Microsoft WMI Administrative Tools contains a vulnerability in the WBEMSingleView.ocx ActiveX object. Successful exploitation could allow execution of arbitrary code.

Vendors:

Microsoft

Vulnerable Software/Devices:

WMI Administrative Tools v1.1 and Earlier

Vulnerability Severity:

High

Exploit Availability:

N/A

BeyondTrust Prevention and Detection:

  • BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
    • Retina Audit 13926 - Microsoft WMI Administrative Tools ActiveX Remote Code Execution (Zero-Day)

Mitigation:

No patch is available. To mitigate, set the kill bit for the Internet Explorer ActiveX control with CLSID {2745E5F5-D234-11D0-847A-00C04FD7BB08}.

Links:

CVE(s):

None

Leave a Reply