Cisco has released a security advisory to address a vulnerability in Cisco Secure Desktop. Cisco Secure Desktop contains a vulnerable ActiveX control that may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100414-csd and apply any necessary updates to help mitigate the risks. Cisco has provided a workaround for users who are unable to apply the update. Additionally, users and administrators may want to review and implement the best security practices described in the Securing Your Web Browser document to help prevent future, similar attacks.