Microsoft is warning of a new security risk with Active X controls. According to MSA 972890 the problem lies with the way that the Microsoft Video ActiveX control handles video.
If a user is logged in with Admin rights someone injecting this code could potentially take over the entire system. Microsoft also comments that they have identified cases of this exploit being used in the wild.
This makes the issue even more real and has prompted MS to advise people to disable the control. The MS Video Active X Control is one that is used by Media Center to build filters for TV Video recording and playback. It is responsible for connecting the MS DirectShow filters for capture, record and playback of video.
Read the Advisory here.
Get the workaround here
