Your Ad Here

Wednesday, June 3, 2009

Microsoft Zero-Day DirectX Flaw

Vulnerability Details

Microsoft has reported a critical new vulnerability in Microsoft DirectX affecting older versions of Windows. The vulnerability could allow remote code execution if a user opens a rogue QuickTime media file. Microsoft reports limited, active attacks that use this exploit code.

The vulnerability exists in the way a DirectX application programming interface known as DirectShow handles supported QuickTime files. By manipulating the format, attackers can gain the same system privileges assigned to the logged-in user. The Microsoft Security Advisory states: “If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

Affected Software

  • Windows 2000 Service Pack 4
  • Windows XP
  • Windows Server 2003

All versions of Windows Vista, Windows Server 2008, and the beta version of Windows 7 are NOT vulnerable. In addition, Apple’s Quick Time player is NOT affected.

Please consult the official Microsoft Security Advisory for details on workarounds, fixes and patch availability.



Workaround

Microsoft has issued a workaround that disables the automatic QuickTime parsing on machines running Window 2000, Windows XP or Windows Server 2003.



Recommendations

Keep your anti-virus products up-to-date with the current pattern files.

No comments: