Microsoft DirectX Zero Day Vulnerability

    Active exploitation of yet another zero-day vulnerability in Microsoft DirectShow was discovered. According to CSIS, at the moment, cybercriminals use several thousand new compromised sites to spread malicious code exploited by a vulnerability in Microsoft DirectX.

    SecurityLab has issued a security notice, available at:

    Also available in the public domain is an exploit:

    As a temporary solution, we recommend disabling the vulnerable library:

    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet explorerActiveX Compatibility {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
    "Compatibility Flags" = dword: 00000400

    Also popular now: