| Apr 01, 2008 |
Macrovision InstallShield ActiveX Vulnerability US-CERT has seen reports of a vulnerability in Macrovision InstallShield. This vulnerability is due to an error in the One-Click Install ActiveX control for InstallScript projects. This ActiveX control is used for loading DLL files. If a user visits a specially crafted website, a maliciously crafted DLL file may be loaded onto the user's system, allowing an attacker to execute arbitrary code. US-CERT encourages users to do the following to help mitigate the risks:
|