The Microsoft security team has informed users running Internet Explorer (IE) versions six and seven on Windows XP and Windows Server 2003 that they are vulnerable to attacks, according to infoworld.com.
According to the Web site, security researchers at two Danish firms said that thousands of legitimate Web sites were hacked as a result in a critical glitch in Windows’ DirectShow, part of DirectX.
Users of Windows Vista and Server 2008 are not at risk, neither are users of IE8, the newest browser by Microsoft.
The company promised to fix the bug; however, it is unclear whether it will be fixed by July14, which is when the next regularly-scheduled security update is released.
Microsoft is urging users to set 45 “kill bits” in the ActiveX control. The company admits that using the ActiveX Control can be risky because it involves editing the Windows registry, when, if used incorrectly, can cause serious problems and may require users to reinstall their operating systems.
Users can also download a Microsoft-crafted automated tool from the company’s support site to set the kill bits.
Those using Mozilla’s Firefox or Google’s Chrome are safe from attack, according to infoworld.com.
For additional information, click here.