If you have administrative privileges on a single system and are running Internet Explorer, you can click on this ' fixit' link to set the killbit and mitigate the vulnerability on a home computer for example.
#Office web components 11 download how to#
This article describes how to deploy using Active Directory.
The specific CLSIDs to set the killbit for are:
At the moment there is no patch, there is a workaround, and it can be automated for enterprise deployment. Which may tend to indicate it has been used in targeted rather than broad based attacks. Microsoft mentions that they are aware of active exploits against this vulnerability, although we at the SANS Internet Storm Center haven't seen it used or mentioned in public as of yet (this has changed, we are seeing active exploit pages). The CVE entry for the vulnerability is CVE-2009-1136. This vulnerability exists in the ActiveX control used by IE to display Excel spreadsheets. Microsoft has released an advisory related to an Office Web Components ActiveX vulnerability, it is available here. Update1: The vulnerability is being actively exploited on web sites.