The Santa Clara, California-based conferencing services company said that it carried out an automatic update to its client software on customer sites, such that, by July 6, 95% of them would be updated automatically when they next used the service.
The remaining customer sites are expected to be updated shortly, it went on. ISS and iSEC played key roles in helping to identify and resolve this ActiveX vulnerability, it went on.
WebEx uses ActiveX to download additional technology components needed for a meeting, the ISV explained. This update resolved a vulnerability within the ActiveX control used to install its web meeting software. WebEx said it had not received any reports of computers being compromised by this now resolved vulnerability.