Contact Us
Critical ADODB Patch Available
- URL: http://www.secureworks.com/research/threats/adodb
- Date: July 2, 2004
- Author: Joe Stewart
***Critical Patch Available for ADODB Vulnerability***
Microsoft has released knowledgebase article 870669 and a patch to fix the ADODB vulnerability in Internet Explorer. The patch is a simple addition of a registry key disabling the ADODB object in Internet Explorer only. This can be accomplished manually or by the use of Microsoft's patch tool. SecureWorks' testing has shown that either the automated patch tool or manual registry edit will effectively prevent the exploit from working. No reboot or restart of Internet Explorer is required; the patch will be effective as soon as it is applied.
The knowledgebase article is available at http://support.microsoft.com/?kbid=870669
The 32-bit version of the patch tool can be directly downloaded from:
http://download.microsoft.com/download/e/5/5/e55bbf16-ae16-4d58-8f75-3233ec146255/Windows-KB870669-x86-ENU.exe
SecureWorks' research team recommends all Windows workstations in your enterprise be patched for this vulnerability as soon as possible, as we are seeing increasing numbers of malware using the ADODB exploit with widespread success.
