Microsoft DirectX is dangerous

    Microsoft reports a new vulnerability found in DirectShow , an API used in DirectX. An attacker could exploit the DirectShow parser vulnerability in QuickTime by creating a special video file and placing it either on a video hosting service or by sending it to the victim by mail. Microsoft also believes that all users who use various browser plug-ins to view DirectShow codec video files are at risk — and QuickTime does not have to be installed on the computer.

    This problem is relevant for Windows 2000 Service Pack 4, Windows XP and Windows Server 2003, and users of Windows Vista and Windows Server 2008 do not fall under the "distribution", as this component is not available in the new version of DirectX. The only advice Microsoft can give right now isforced shutdown in QuickTime parser .

    Also popular now: