Warning: Ask Toolbar Remote Code Execution Vulnerability
According to Secunia Advisory SA26960, if you have the Ask Toolbar installed on your system, you’re at risk. From Secunia Weekly Summary - Issue: 2007-39:
A vulnerability has been discovered in the Ask.com Ask Toolbar, which can be exploited by malicious people to compromise a user’s system. The vulnerability, a boundary error in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control (askBar.dll) when handling the “ShortFormat” property, can be exploited to cause a stack-based buffer overflow by assigning a string with a length of more than 500 bytes to the affected property. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 4.0.2 and currently remains unpatched.
Secunia recommends that you set the kill bit for the ActiveX control to prevent it from executing. Microsoft KB article 240797 explains in detail how it’s done, but beware: it’s not for the faint of heart. You’ll need to know the CLSID for the control, so here it is: {5A074B2B-F830-49de-A31B-5BB9D7F6B407}.
Cheers!
The Geek
Kenny “The Geek” Harthun has been playing with geeky stuff since 1965. He’s a former research scientist and Microsoft Certified Systems Engineer at Connective Computing, Inc. and loves to learn about anything and everything.
