Intrusion Prevention

Macrovision.FlexNet.DownloadManager.Arbitrary.File.Download

Description

This indicates an attempt to exploit one of several file download vulnerabilities in Macrovision FlexNext Connect.
The vulnerabilities can be exploited through the ActiveX Control "MVSNClientDownloadManager61Lib.DownloadManager". An attacker can create a specially crafted web page with an embedded call to the "AddFile()" method, causing a vulnerable host to silently download and execute a file.

Affected Products

DownloadManager object ISDM.exe version 6.1.100.61372

Impact

System Compromise.

Recommended Actions

We are not aware of any update at this time. As a work around set the kill bit to block this ActiveX Control.