Microsoft DirectX Zero Day Vulnerability

    image
    Active exploitation of yet another zero-day vulnerability in Microsoft DirectShow was discovered. According to CSIS, at the moment, cybercriminals use several thousand new compromised sites to spread malicious code exploited by a vulnerability in Microsoft DirectX.

    SecurityLab has issued a security notice, available at: www.securitylab.ru/vulnerability/382197.php

    Also available in the public domain is an exploit:
    www.securitylab.ru/poc/382196.php

    As a temporary solution, we recommend disabling the vulnerable library:

    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet explorerActiveX Compatibility {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
    "Compatibility Flags" = dword: 00000400

    Also popular now: