Security
Written by Daniel
Wednesday, 14 July 2010 18:02
From Dark Reading
Flaws in Windows Help and Support Center already seen in the wild, observers say
Microsoft today patched four security vulnerabilities in the Windows environment -- three of them considered critical -- and experts say one of the flaws is already being exploited.
Researchers have already reported the vulnerability in the Windows Help and Support Center feature that comes with Windows XP and Windows Server 2003. Experts say at least three exploits of this flaw have already been spotted in the wild.
"This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message," Microsoft says. "The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message."
Microsoft also issued a patch for another previously disclosed vulnerability, this one in the Canonical Display Driver (cdd.dll). "Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomization," Microsoft says. "In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart."
Microsoft also revealed two previously undisclosed vulnerabilities in its Microsoft Office Access ActiveX Controls. "The vulnerabilities could allow remote code execution if a user opened a specially crafted Office file or viewed a Web page that instantiated Access ActiveX controls," the software giant says. "Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."