Yet Another Unpatched Vulnerability and PoC Exploit

July 21, 2009

An unpatched vulnerability in an ActiveX control (Microsoft Office Web Components) used by Internet Explorer is being actively exploited. My version of the exploit can be found here. The exploit's payload spawns the calculator.