Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Microsoft DirectShow vulnerability InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft DirectShow vulnerability

Published: 2009-05-28
Last Updated: 2009-05-28 22:56:56 UTC
by Stephen Hall (Version: 1)
1 comment(s)

 Microsoft have recently announced a Microsoft DirectShow vulnerability via an advisory and multiple blog entries. 

The advisory indicates that Microsoft are investigating public reports of a vulnerability within the DirectShow element of DirectX - CVE-2009- 1537 has been allocated to this vulnerability.

Microsoft have published quite a detailed set of actions which provide a temporary workaround for this issue to prevent the download of a crafted QuickTime formated file.

The following information has been posted:

http://blogs.technet.com/msrc/default.aspx
http://www.microsoft.com/technet/security/advisory/971778.mspx
http://blogs.technet.com/srd/

In the advisory Microsoft have indicated that a patch will be produced for this but give no timescales. To reduce the potential risk you should consider the impact of applying the workaround versus the period of nil-protection whilst it's MAPP/MSRA partners get definitions out for detection, etc.

SecurityFocus have reported that targeted exploits of this issue have been seen in the wild.

 

1 comment(s)
Diary Archives