Network Computing is part of the Informa Tech Division of Informa PLC
WebEx ActiveX Bug Found, Fixed
Online collaboration service provider WebEx released a fix for its flagship software Thursday after a security company uncovered a remotely exploitable vulnerability in an ActiveX control used with Microsoft's Internet Explorer.
Atlanta-based Internet Security Systems (ISS) discovered the bug in the ActiveX-based IE plug-in, which is used to install the WebEx client program on users' machines before they attend an online meeting. According to ISS, the WebEx control didn't verify the validity of the to-be-downloaded components, making it possible for an attacker to create a bogus site and download malicious code to users' PCs rather than the real WebEx software.
WebEx said that it's about 95 percent finished with a client update to customers' Web sites, and that end users will be updated automatically when they next use the service.
"The remaining customer sites are expected to be updated shortly," the Santa Clara, Calif.-based company said in a statement.
Recommended For You
Making the jump from outdated legacy technology to a more modern digital infrastructure will allow businesses to innovate at the speed and scale needed in today’s marketplace.
The business world is speeding up. The longer IT leaders wait to get their needs met, the more at risk their businesses and their jobs will be.
By arming SD-WAN networks with end-to-end intelligence, analytics-driven predictions, and predictive automation solutions, IT teams can simplify infrastructure management and assure higher levels of quality experiences for users.