Fri, May 29, 2009
Unpatched Web-Exploitable Flaw in DirectX on Windows XP, 2003 and 2000
An unpatched security vulnerability in DirectX on Windows XP, 2003 and 2000
has been announced. It allows an attacker to create and distribute (e.g. via
a web site) a malicious QuickTime media file. This malicious file, when
viewed (e.g. via a web browser) will run the attacker's commands
on the viewing machine. Microsoft is aware of limited active attacks
that exploit this vulnerability. While no patches have yet been
released, Microsoft has outlined some workarounds that will block
some of the ways that this vulnerability is presently being exploited.
For more information, and for workaround instructions, please see
http://www.microsoft.com/technet/security/advisory/971778.mspx
To be emailed any new alerts as they appear, or to cease being emailed such alerts, send email to securityalerts-request@cs.
![[Valid HTML 4.01 Transitional]](/support/security/valid-html401-blue.png){kind=small}
![[Valid RSS]](/support/security/valid-rss.png)
![[Valid Atom]](/support/security/valid-atom.png)