Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: MS06-068: Microsoft Agent - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-068: Microsoft Agent
No CVE numbers available.  This update fixes a buffer overflow in Microsoft Agent that could allow remote code execution.

Microsoft Agent is a component of the OS that allows (to quote Microsoft) "an enriched form of user interaction that can make using and learning to use a computer easier and more natural."  This includes things like the paperclip that pops up at various times while using Microsoft Office applications.  This feature can apparently be invoked via ActiveX in Internet Explorer  Microsoft states that they are not aware of active exploitation of this vulnerability at this time.

Due to the possibility of remote exploitation, this should be considered critical for user machines, less urgent for servers.
I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS DFIR Summit & Training 2022


423 Posts
ISC Handler
Nov 14th 2006

Sign Up for Free or Log In to start participating in the conversation!