Known Exploited Vulnerability: CVE-2008-0015

Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability

Catalog version: 2026.07.01 Date added: 2026-02-17 Due date: 2026-03-10 CISA catalog

Vendor: Microsoft

Product: Windows

Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Known ransomware campaign use: Unknown

Notes: https://web.archive.org/web/20110305211119/https://www.microsoft.com/technet/security/bulletin/ms09-032.mspx https://nvd.nist.gov/vuln/detail/CVE-2008-0015

cvelogic Threat Intelligence