
The flaw, first disclosed more than a decade ago, affects the Windows Video ActiveX Control component and poses a serious Remote Code Execution (RCE) risk.
According to CISA, attackers are exploiting the vulnerability through maliciously crafted web pages that trick users into loading the vulnerable ActiveX control inside Internet Explorer.
Successful exploitation lets an attacker run arbitrary code with the privileges of the logged-on user, which is enough to compromise the whole system, steal data, or deploy malware; a user running as a local administrator hands the attacker that level of access as well.
Microsoft released a patch and workaround instructions for this flaw in 2009; the workaround was the standard ActiveX mitigation of setting the kill bit for the affected control's CLSIDs so that Internet Explorer refuses to load it. Ongoing exploitation indicates that unpatched or legacy systems are still in use within certain networks.
This trend underscores the risks of maintaining older Windows systems or relying on discontinued browser components such as Internet Explorer. Note that retiring the Internet Explorer application alone does not remove the exposure: the same MSHTML engine and ActiveX loading path are still used by Microsoft Edge's Internet Explorer mode and by third-party applications that embed the WebBrowser control.
CISA has mandated that all Federal Civilian Executive Branch (FCEB) agencies apply necessary mitigations or discontinue affected software by March 10, 2026, as per Binding Operational Directive (BOD) 22-01.
CISA strongly advises enterprises and organizations outside the federal sector to follow the same remediation timeline to reduce their attack surface and prevent potential ransomware or malware intrusions.
While there is no confirmed link between this vulnerability and specific ransomware campaigns, historical patterns suggest that attackers often return to older, publicly known flaws once they resurface through third-party software integrations or unmonitored devices.
Security experts recommend disabling unnecessary ActiveX controls (setting the kill bit for any control that is not explicitly required), enforcing strict browser policies, and upgrading to supported versions of Windows to reduce exposure. Because the kill bit lives in the registry, it can be audited and enforced at scale rather than relying on users having applied the original fix.
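The following PowerShell is an added example, not code from the original article, CISA, or Microsoft. It audits and optionally enforces the Internet Explorer kill bit (bit 0x400 of the "Compatibility Flags" DWORD under the documented ActiveX Compatibility registry key, in both the native and Wow6432Node views on 64-bit Windows) for a list of CLSIDs. The CLSID used in the usage line is a placeholder; substitute the CLSIDs from Microsoft's advisory for the control you want to block.

```powershell
# Added example (not from the article): audit and enforce ActiveX kill bits.
# A control whose CLSID carries Compatibility Flags with bit 0x400 set is
# refused by Internet Explorer / MSHTML, which is Microsoft's documented
# workaround for a vulnerable ActiveX control. Run elevated to set the bit.

$script:KillBit = 0x400

# Both registry views matter on 64-bit Windows: 32-bit IE/MSHTML reads the
# Wow6432Node copy, 64-bit reads the native one.
function Get-ActiveXCompatRoots {
    $roots = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
    $wow = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
    if (Test-Path (Split-Path $wow -Parent)) { $roots += $wow }
    return $roots
}

function Test-ActiveXKillBit {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string[]]$Clsid)

    foreach ($id in $Clsid) {
        # Is the control even registered on this host (i.e. loadable at all)?
        $serverKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$id\InprocServer32"
        $registered = Test-Path $serverKey
        $serverDll = if ($registered) {
            (Get-ItemProperty -Path $serverKey -ErrorAction SilentlyContinue).'(default)'
        } else { $null }

        foreach ($root in Get-ActiveXCompatRoots) {
            $flags = (Get-ItemProperty -Path "$root\$id" -Name 'Compatibility Flags' `
                        -ErrorAction SilentlyContinue).'Compatibility Flags'
            [pscustomobject]@{
                Clsid      = $id
                View       = if ($root -like '*Wow6432Node*') { '32-bit' } else { 'native' }
                Registered = $registered
                ServerDll  = $serverDll
                KillBitSet = ($null -ne $flags) -and (($flags -band $script:KillBit) -ne 0)
            }
        }
    }
}

function Set-ActiveXKillBit {
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][string[]]$Clsid)

    foreach ($id in $Clsid) {
        foreach ($root in Get-ActiveXCompatRoots) {
            $key = "$root\$id"
            if (-not (Test-Path $key)) { $null = New-Item -Path $key -Force }
            # Preserve any flags already present and OR in the kill bit.
            $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                           -ErrorAction SilentlyContinue).'Compatibility Flags'
            $new = ([int]$existing) -bor $script:KillBit
            $msg = 'Set Compatibility Flags = 0x{0:X} (kill bit)' -f $new
            if ($PSCmdlet.ShouldProcess($key, $msg)) {
                Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value $new -Type DWord
            }
        }
    }
}

# Usage with a placeholder CLSID (replace with the CLSIDs from the vendor advisory):
$targets = @('{00000000-0000-0000-0000-000000000000}')
Test-ActiveXKillBit -Clsid $targets | Format-Table -AutoSize
# Dry run first, then enforce:
Set-ActiveXKillBit -Clsid $targets -WhatIf
# Set-ActiveXKillBit -Clsid $targets
```

The audit output is the useful part for a fleet: a control that is Registered but not KillBitSet is the exposure the CISA entry is about, while a CLSID that is not registered at all is not loadable and needs no further action on that host. Setting the kill bit is reversible (clear bit 0x400) and takes effect for new browser processes without a reboot.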
This incident highlights that even vulnerabilities more than a decade old can re-emerge as serious threats when outdated components remain unpatched or exposed to the Internet.
Continuous monitoring, adherence to patching directives, and asset visibility remain key to mitigating legacy risk across both enterprise and government environments.
The post CISA Adds Windows Video ActiveX Control RCE Flaw to KEV Catalog Following Active Exploitation appeared first on Cyber Security News.
