Microsoft Security Advisory (927709)
Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution
Microsoft is investigating public reports of a vulnerability in an ActiveX control in Visual Studio 2005 on Windows. We are aware of proof of concept code published publicly and of the possibility of limited attacks that are attempting to use the reported vulnerability. Customers who are running Visual Studio 2005 on Windows Server 2003 and Windows Server 2003 Service Pack 1 in their default configurations, with the Enhanced Security Configuration turned on, are not affected. Visual Studio 2005 customers who are running Internet Explorer 7 with default settings are not at risk until this control has been activated through the ActiveX Opt-in Feature in the Internet Zone. Customers would need to visit an attacker’s Web site to be at risk. We will continue to investigate these public reports.
The ActiveX control is the WMI Object Broker control, which is included in WmiScriptUtils.dll.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. A security update will be released through our monthly release process or an out-of-cycle security update will be provided, depending on customer needs.
Customers are encouraged to keep their anti-virus software up to date.
Microsoft encourages users to exercise caution when they open e-mail and links in e-mail from untrusted sources. For more information about Safe Browsing, visit the Trustworthy Computing Web site.
For the full advisory, on the Microsoft website: http://www.microsoft.com/technet/security/advisory/927709.mspx
...Phrasing the question correctly - that is even more important than the answer....