Microsoft ActiveX Controls "InformationCardSigninHelper Class" Out-of-Bounds Memory Access Vulnerability
14 November 2013
A remote code execution vulnerability exists in the InformationCardSigninHelper Class ActiveX control. Specifically the issue occurs in the way "InformationCardSigninHelper Class" ActiveX control (icardie.dll) is loaded into Internet Explorer and causes system state corruption.
CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Bitglass talks about how cloud and mobile and the the largest trends happening in enterprise IT today. There's not a single enterprise out there that's not dealing with these challenges at some level, with the most significant being security and compliance.
A coder that goes by the online handle "Hephaestos" has shared with the world a Python script that, when put on an USB thumb drive, turns the device in an effective kill switch for the computer in which it's plugged in.