Microsoft Warns Of Attacks Exploiting DirectShow Flaw - The Channel Wire - IT Channel News And Views by CRN and VARBusiness

News

Reviews

NEW ON CHANNELWEB

Coming Up: Women of the Channel Winter Workshop

Annual Report Cards

State of Tech: Security

Fast Growth 100

Tech Books Online

Subscribe to CRN

FEATURED VIDEO

Sponsored By:

SLIDE SHOWS

Pass That PCI Audit: 20 Hot Compliance Products

As if they needed more stress, organizations are facing evolving and increasingly stringent compliance regulations from the Payment Card Industry, as well as Sarbanes-Oxley, HIPAA and others. Here are a few security compliance products that can make the audit process less excruciating.

D&H: 10 Fresh Products For SMBs

Here are 10 of the distributor's hottest new offerings winning over solution providers.

Hot New Handsets For The Holidays

New smartphones from Sony, Motorola and the first-ever Twitter-only mobile device -- the TwitterPeek -- headline a busy week for handset makers as the holiday shopping season heats up.

INSIDE CHANNELWEB

Emerging Vendors Blog

Emerging Vendors Report

Fast Growth 100

Demand Generation Services

Partner Programs Guide

Vendor Content Community

Vendor Stimulus Directory

Women of the Channel

White Paper Library

BLOGS

The Channel Wire

May 28, 2009

Microsoft Warns Of Attacks Exploiting DirectShow Flaw

Microsoft issued a security advisory Thursday warning users of active attacks exploiting a Microsoft DirectShow vulnerability in multiple versions of Windows that exposes users to malicious code when they open an infected QuickTime media file.

An initial investigation determined that affected systems include Windows 2000 Service Pack 4, Windows XP and Windows Server 2003. However, all versions of Windows Vista and Windows Server 2008 are not vulnerable to attack.

Specifically, the vulnerability exists in the way that Microsoft DirectShow -- a DirectX function that performs client-side audio and video sourcing and rendering -- handles QuickTime format files. The flaw could open the door for a remote hacker to launch an attack on users' computers by enticing users to open a malicious QuickTime media file, usually through some sort of social engineering scheme.

Attackers typically entice users to click a link embedded in an e-mail that directs them to the attacker's malicious Web page. Once the user opens the malicious page, the attacker can infiltrate and take control of the computer in order to view or steal information for identity theft activities.

Microsoft DirectX is a Windows feature used in streaming media that enables graphics and sound when users play video games or watch videos.

Microsoft said that it is currently investigating the issue through its Software Security Incident Response Process and working with Microsoft Active Protections Program and Microsoft Security Response Alliance programs to remediate the flaw. The company noted in its advisory that attacks actively exploiting the DirectX flaw appeared to be limited thus far.

Meanwhile, researchers at Microsoft recommend some workarounds that include disabling the parsing of QuickTime content in quartz.dll, which is a library with functions for DirectShow, modifying the access control list (ACL) on quartz.dll and unregistering quartz.dll altogether.

Microsoft likely will introduce a fix in a monthly "Patch Tuesday" security update bundle or as an emergency out-of-band patch, depending on the severity of the resulting attacks.

Security experts at the Redmond, Wash.-based company also suggest that users protect their PCs from attack by regularly updating software, installing and maintaining antivirus software and enabling firewall products.

Posted by Stefanie Hoffman at 6:00 PM

>>More from "The Channel Wire"

Share: Digg Del.icio.us Facebook LinkedIn Twitter
More Security | Email this blog | Print this blog | Reprints

Main >>

Contact

Email Us

Subscribe To This Feed

More Newsfeed Information