Members
  • Total Members: 12809
  • Latest: Dorel
Stats
  • Total Posts: 28478
  • Total Topics: 8238
  • Online Today: 797
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: New Attacks Exploiting DirectShow Flaw (ACL, quartz.dll, QuickTime DirectX flaw)  (Read 2050 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Microsoft issued a security advisory Thursday warning users of active attacks exploiting a Microsoft DirectShow vulnerability in multiple versions of Windows that exposes users to malicious code when they open an infected QuickTime media file.

An initial investigation determined that affected systems include Windows 2000 Service Pack 4, Windows XP and Windows Server 2003. However, all versions of Windows Vista and Windows Server 2008 are not vulnerable to attack.

Specifically, the vulnerability exists in the way that Microsoft DirectShow -- a DirectX function that performs client-side audio and video sourcing and rendering -- handles QuickTime format files. The flaw could open the door for a remote hacker to launch an attack on users' computers by enticing users to open a malicious QuickTime media file, usually through some sort of social engineering scheme.

Attackers typically entice users to click a link embedded in an e-mail that directs them to the attacker's malicious Web page. Once the user opens the malicious page, the attacker can infiltrate and take control of the computer in order to view or steal information for identity theft activities.

Microsoft DirectX is a Windows feature used in streaming media that enables graphics and sound when users play video games or watch videos.

Microsoft said that it is currently investigating the issue through its Software Security Incident Response Process and working with Microsoft Active Protections Program and Microsoft Security Response Alliance programs to remediate the flaw. The company noted in its advisory that attacks actively exploiting the DirectX flaw appeared to be limited thus far.

Meanwhile, researchers at Microsoft recommend some workarounds that include disabling the parsing of QuickTime content in quartz.dll, which is a library with functions for DirectShow, modifying the access control list (ACL) on quartz.dll and unregistering quartz.dll altogether.

Microsoft likely will introduce a fix in a monthly "Patch Tuesday" security update bundle or as an emergency out-of-band patch, depending on the severity of the resulting attacks.

Security experts at the Redmond, Wash.-based company also suggest that users protect their PCs from attack by regularly updating software, installing and maintaining antivirus software and enabling firewall products.

(CHANNELWEB)

Samker's Computer Forum - SCforum.info





 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising