A 0-day exploit within a component of Microsoft DirectShow is being exploited in the wild through thousands of newly compromised web sites according to SANS.

The exploit takes advantage of the ActiveX control and can give the intruder the same user rights as the local user. The exploit affects users running Internet Explorer with this control installed.

Temporary fixes are currently available but we recommend that you contact Anteris for further assistance. For machines vulnerable to this exploit and currently subscribing to our Anteris Manage service, we have already applied the workarounds to your systems pending a security hotfix release by Microsoft.

Users running Windows Vista or Windows Server 2008 are currently not affected.