[Steve]

Security company Symantec has reported that hackers are developing a multiple-attack package composed of seven ActiveX exploits, many of them never seen in the wild before; fewer than half of the flawed ActiveX controls have been patched.

The attack probes Windows PCs for vulnerable ActiveX controls from Microsoft, Citrix Systems and Macrovision, as well as hardware makers D-Link Corp., Hewlett-Packard, Gateway, Sony and Symantec's own Norton security products.

VeriSign Inc.'s iDefense, says that the ActiveX control SymAData.dll contains two vulnerabilities that could be used "to execute arbitrary code with the privileges of the currently logged in user" by attackers able to entice victims to malicious Web sites.

Symantec confirmed the vulnerabilities Wednesday in its own advisory, and said the faulty control has been issued with Windows versions of Norton AntiVirus 2006-2008, Norton Internet Security 2006-2008, Norton SystemWorks 2006-2008 and Norton 360 Version 1.0.

While it acknowledged the bugs, Symantec also downplayed the threat, saying that attacks would succeed only from specially crafted sites.

In February 2008, wave of similar bugs were revealed in several other software makers' products, including those from Yahoo Inc., Facebook and MySpace.

An ActiveX control is a reusable component which implements the IDispatch interface. Such components do not amount to an entire application, rather they provide a small building-block that can be shared by different software. ActiveX components are only compatible with a Microsoft web browser and a Microsoft operating system. This means that using an alternative (fully patched) web browser such as Safari, Firefox or Opera can help you avoid this particular form of exploit. However, bear in mind that all those versions have been the subject of recent and significant updating to avoid other security issues.