Microsoft has warned about yet another security hole which already gets actively exploited on the net. Affected are installations of Microsofts Office XP and 2003, the ISA Server 2004 and 2006 and Office Small Business Accounting 2006.

It is unclear whether the updates which are to be released later today will already fix the error, but it seems unlikely. Microsoft has a “Fix-it” tool ready which disables the ActiveX component within Internet Explorer to help mitigate the risk. Please use it ASAP!

Dirk Knop
Technical Editor