Technology content trusted in North America and globally since 1999
8,189 Reviews & Articles | 61,955 News Posts

Flaw in Directshow could expose systems

But only if you are running XP or Windows 2000
By: Sean Kalinich | Posted: May 29, 2009 3:17 pm

The popular Directshow plugin that may people use to support video playback has a flaw that Microsoft warns could be used to execute arbitrary code.


The opening relies on malformed Quick Time video files (seems to be a common thread there) and can allow for remote execution of code at the logged in users level of access.


There is no direct fix for this but MS has released a registry patch to help prevent this from being exploited. The issue does not affect Vista or Windows 7.


Read more here.


Grab the Reg fix here.


Flaw in Directshow could expose systems


In a statement, the Vole said that the attacks use malicious Quicktime media files and can cause remote code execution in the context of the logged-in user.


There is no patch for the vulnerability yet, but Microsoft has created a workaround registry script that you can download and run, at the Knowledge Base Article 971778.


Related Tags

Got an opinion on this news? Post a comment below!