Unpatched Microsoft Vulnerability

2009-06-22

Symantec is reporting that an exploit for an unpatched vulnerability in Microsoft Windows XP and Server 2003 has been added to at least one multi-strike attack toolkit. The "in-the-wild exploit of the DirectShow bug" was acknowledged a month ago by Microsoft in a security advisory stating that malicious hackers were already using attack code that exploited a bug in DirectShow, a component of DirectX. DirectX is a collection of application programming interfaces for handling tasks related to multimedia, including game programming and video.

Liam Murchu, researcher at Symantec's security response group, wrote in the company's blog: "We are still investigating the use of the exploit; however, from our research so far it is appearing more often and we are investigating the use of it within Web exploit kits. This will likely lead to widespread use in a short time."

Microsoft stated that the vulnerability could allow remote code execution if a user opened a specially crafted QuickTime media file. While a patch is not currently available, Microsoft has suggested that users disable QuickTime parsing on Windows 2000, XP and Server 2003 machines. More information about this vulnerability can be found in Microsoft's Security Advisory (971778).