Microsoft Sets Warning Over the DirectShow Vulnerability

Microsoft Sets Warning Over the DirectShow Vulnerability

Microsoft News

Browser News

RELATED NEWS

Facebook Accounts 25% of All Page Views in US: Hitwise

5 Top and Best Most Popular Offline Wordpress Editor

Call Of Duty: Black Ops Updates Released

China Denies US Web Hijack Claim

Windows 7 Phone: HTC HD7 Rocks!

Google Official Offers $1000 For Kinect Hack

How to prevent automatic scanning of files on downloading in Firefox?

HP Mini 1103: Specifications & Features

Kinect Can be Used as 3D Video Tool: Ahoy 3D Videographers!

Do You Think Facebook Can Defeat Google to Win the Net

By Partho, Gaea News Network
Friday, May 29, 2009

Microsoft has reported a vulnerability in its DirectShow, in some versions of Windows. DirectShow is Microsoft’s framework for playing different media types such as games and multimedia. The software giant revealed that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable to this issue. However, Windows Vista and Windows Server 2008 would be unaffected by the crisis. The attacks are conceived to be generated from the malicious QuickTime media files.

According to Microsoft the flaw could allows an attacker to execute malicious code by duping or confusing the user to open the infected QuickTime media file or visit a page that features QuickTime media file of this type. Microsoft has termed this as Limited active attacks.

Nevertheless, web browsers like Internet Explorer and others might be affected by the infection if the users employ the vulnerable versions of Windows.

As Microsoft security software engineer Chengyun Chu explains the vulnerability is not in the bowsers, but a browse-and-get-owned attack vector can occur due to the media playback plug-ins of browsers. He added, that the attackers can create a malicious Web page that uses the media playback plugins to play back an infected QuickTime file to reach the vulnerability in Quartz.dll.

Directshow versions 7, 8 and 9 are in Windows 2000, Windows XP and Windows Server 2003 are most likely targets of the attack. DirectShow has been replaced by the Windows Media Foundation in Windows Vista.

To fix the issue Microsoft has created a workaround registry script that you can download and run through Knowledge Base Article 971778. To download the script you have to click on the big Fix it button. The script would remove some registry entries that enables QuickTime parsing. Microsoft provides another script to enable it. The second one can be run when the patch is made available. What irks is that the scripts will not work in all the environments

Microsoft has made no pre-announcements about the release of the patch. During this period, anti-malware companies might provide detection for the known attacks.

NAME :	(REQUIRED)
MAIL :	(REQUIRED) will not be displayed
WEBSITE :	(OPTIONAL)

YOUR COMMENT :
	Submit Notify me of followup comments via e-mail

Older News