Microsoft warns its users about a recently discovered attack on one of its browser components. The reports received by the company, refer to a flaw in an ActiveX control for Snapshot Viewer, active in Microsoft Office Access 2000, 2002 and 2003.

Apparently, the flaw does not affect Office Access 2007.

Once the vulnerability is found, it can used by attackers to gain access to the targeted system and actually offer all of the owner’s rights to the hackers.

Internet Explorer uses the ActiveX controls in order to connect to certain applications and view certain content. The attack cannot be completed on other browsers which do not use ActiveX. Also, the copies of Internet Explorer running the Enhanced Security Configuration, such as Windows Server 2003 and 2008 are also sheltered from the attacks.

The company suggests that all users should implement the manual tips featured in the Advisory, either configuring their Internet Explorer browser to disable the Active Scripting, changing their Internet security zone settings to ‘high’ or for now, some might add, switching to another browser such as Opera or Firefox.

Microsoft should be, and probably is, considering the development of a security update in order to make sure that the vulnerability is taken care of, but so far no official announcement on the matter has been released.

"While the attack appears to be targeted, and not widespread, we are monitoring the issue and are working with our MSRA (Microsoft Security Response Alliance) partners to help protect customers," said Bill Sisk, security response communications manager for Microsoft, as quoted by Cnet.