July 3, 2008
Husdawg is working with Microsoft to issue a killbit in a Cumulative Security Update of ActiveX Killbits ("Security Update") that, after installation, will disable older versions of the System Requirements Lab ActiveX component which had a security flaw.
In addition to this Cumulative Security Update, Husdawg has released a new
and safe version of the System Requirements Lab ActiveX component that also
fixes this security flaw. This update will uninstall and delete the flawed version
and install a safe version.
Solutions to this problem:
1) Uninstall "System Requirements Lab" from Control Panel>Add/Remove Software
2) Go to www.canyourunit.com and the updated and safe version of the ActiveX component will automatically install.
3) Install the Cumulateive Security Update of ActiveX Killbits from Microsoft.
At this time there are no known instances of abuse of the security vulnerability.
The security vulnerability was originally discovered and reported to Husdawg by Will Dormann at the US-CERT and David Matscheko of SEC Consult