Article

Hackers targeting unpatched Microsoft DirectShow flaw

SearchSecurity.com staff

Microsoft released a security advisory Thursday warning of a new vulnerability in its DirectShow media-streaming architecture for Windows that could allow an attacker to execute code remotely.

The flaw, which Microsoft said is being actively exploited in limited attacks, affects Windows XP, Windows 2000, and Windows Server 2003. Windows Vista and Windows Server 2008 are not affected.

The vulnerability is in the QuickTime parser in DirectShow, according to Microsoft's Security Response Center.

"An attacker would try and exploit the vulnerability by crafting a specially formed video file and then posting it on a website or sending it as an attachment in email," Christopher Budd, security program manager at MSRC, wrote in a

    Requires Free Membership to View

blog post.

While the flaw isn't a browser vulnerability, "a browser-based vector is potentially accessible through any browser using media plug-ins that use DirectShow," he said. Also, it's possible to direct calls to DirectShow even if Apple's QuickTime is installed, he added.

An attacker who successfully exploits the vulnerability could gain the same user rights as the local user, according to Microsoft.

Microsoft posted workarounds in its advisory. More details on the workarounds are available from Microsoft's Security Research and Defense blog.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: