In association with heise online

29 May 2009, 08:25

Microsoft warns about critical DirectShow vulnerability


Microsoft has reported a critical vulnerability in DirectShow, the DirectX component that parses QuickTime video for playback, and the flaw is reportedly already being actively exploited. The software giant has issued a security advisory which contains quite detailed information about the vulnerability.

The affected DirectShow filter is apparently not present in Windows Vista and Server 2008, which leaves only older platforms such as Windows XP vulnerable. On vulnerable systems, however, an attacker can reportedly exploit the hole even if the victim uses an alternative browser instead of Internet Explorer, because the multimedia plug-ins of other browsers also hand media off to the operating system's DirectShow functionality. Installing Apple's QuickTime package does not solve the problem either, since the vulnerable code is Microsoft's own parser, not Apple's. The flaw can be triggered both through specially crafted web pages and directly via files associated with, for example, Windows Media Player.

In a blog entry, Microsoft's security experts recommend deleting the

HKEY_CLASSES_ROOT\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}

registry key as the simplest and safest workaround, which is also described in the security advisory. Removing the key unregisters the QuickTime parser filter, so QuickTime content is no longer parsed by the vulnerable Quartz.dll library; the side effect is that DirectShow-based players can no longer open such files until the key is restored. As an alternative, Microsoft had created a "Fix it" web page to immunise systems automatically, but at the time of writing this page is undergoing maintenance.
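The workaround as a reversible script, added here as an illustration rather than taken from the article or from Microsoft's advisory: it exports the CLSID key to a backup .reg file before deleting it, refuses to delete if the backup fails, and verifies afterwards that the key is gone. The backup file name and location are assumptions; the key name is the one quoted above. It must be run from an administrative command prompt on an affected system (Windows XP or Server 2003).

```batch
@echo off
rem Added example (not from the article or the Microsoft advisory):
rem back up, delete and verify the DirectShow QuickTime parser CLSID key.
rem Run from an elevated/administrator command prompt on an affected system.

setlocal
set "KEY=HKCR\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}"
rem Backup path is an assumption; change to suit your environment.
set "BACKUP=%SystemDrive%\quicktime-clsid-backup.reg"

rem HKCR is a merged view; on these systems the key normally lives under
rem HKLM\SOFTWARE\Classes\CLSID, which is where the delete below takes effect.

reg query "%KEY%" >nul 2>&1
if errorlevel 1 (
    echo Key not present - workaround already applied or filter not installed.
    goto :eof
)

if exist "%BACKUP%" (
    echo A backup already exists at %BACKUP% - move it aside before re-running.
    exit /b 1
)

rem 1. Export the key so the change can be reversed later with
rem       reg import "%BACKUP%"
reg export "%KEY%" "%BACKUP%"
if errorlevel 1 (
    echo Backup failed - NOT deleting the key.
    exit /b 1
)

rem 2. Delete the key and all subkeys without an interactive prompt.
reg delete "%KEY%" /f
if errorlevel 1 (
    echo Delete failed - check that this prompt has administrative rights.
    exit /b 1
)

rem 3. Verify: the query must now fail (reg.exe sets errorlevel 1 when the key is absent).
reg query "%KEY%" >nul 2>&1
if errorlevel 1 (
    echo Workaround applied: QuickTime parsing in quartz.dll is disabled.
    echo Backup saved to %BACKUP%
) else (
    echo Key still present - workaround NOT applied.
    exit /b 1
)
endlocal
```

Once the official patch has been installed, `reg import` of the backup file restores the parser registration; until then, any DirectShow-based player will simply fail to open QuickTime files, which is the intended effect.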

Microsoft reveals its action plan with unusual clarity: developers are reportedly working on a patch which will be released as soon as investigations are completed. Whether this means that a patch will become available before the next Patch Tuesday on 9 June remains to be seen.


(djwm)

Permalink: http://h-online.com/-741797