Security flaw found in Nokia PC Suite

ActiveX error could compromise users' PCs

A security vulnerability has been found in Nokia's PC Suite software that could be exploited by hackers to compromise a user's system. 

Nokia said in a statement that the vulnerability, which is related to the ActiveX environment, creates a security hole in PC Suite rendering the user's computer system vulnerable to harmful attack.

The vulnerability is caused by a boundary error within the Gracenote CDDBControl ActiveX Control. The flaw was listed as 'highly critical' by the Secunia security website. 

The problem occurs in versions 6.7 and 6.8 of the PC software, but does not affect the security of the mobile phones themselves.

Nokia said that users who do not have ActiveX switched on are unaffected, and claimed that no user has yet reported anyone making use of the vulnerability.

The company has patched the vulnerability and asked users to download the latest version if they don't already connect to the internet and use the automatic update feature. 

"Nokia takes all security issues seriously, and we constantly develop and integrate advanced security features in our products," said the Nokia statement.