Microsoft Warns About DirectX Exploit
Next news- Email |
- Print |
- Comments (17) |
- Share
Yesterday, the "Bringer of Bing" (aka Microsoft) issued a security advisory that reports on a new vulnerability in Microsoft DirectX, specifically in Microsoft DirectShow.
While DirectX security flaws are not uncommon, end-users generally receive alerts stemming from other Windows OS and Internet Explorer vulnerabilities; DirectX is usually associated with PC gaming. However, in the case of this incident, Microsoft says that the problem is limited, but remains quite active.
According to the company, the DirectX vulnerability allows remote code execution if the end-user opens a specially crafted QuickTime media file. Current investigations reveal that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are highly susceptible to an attack; Windows Vista and Windows Server 2008 are not vulnerable. Microsoft also said that if successful, the attacker could gain the same user rights as the local user. Consumers whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
"In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability," the company said, describing a mitigating factor. "An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to convince them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. After they click the link, they would be prompted to perform several actions. An attack could only occur after they performed these actions."
While the company is currently working on a patch, Microsoft has provided an auto workaround here that can be used by way of a simple click. The fix actually disables QuickTime parsing automatically, however consumer who wish to do so manually will need to read the directions, as it involves altering the registry.
Source : Tom's Hardware US
Sponsored links
Related forums topics
- no sound after XP reinstall
- Near Exact Systems, 788 CPU Points different (3DMark)
- Performance Problems need diagnosis
- Computer freezes/locks
- Help with CPU GPU conflict
- Would anyone be intersted in this .....?
- Need help on memory
- PC randomly reboots while playing games.
- Undetectable issues with built system
- P.C restarting.. help needed
- double post sorry
- System always bluescreens on cold startup
- 8500gt causing freezes with any game
- ATI Radeon HD 3450 BSOD
Related articles
-
OpenGL 3 & DirectX 11: The War Is Over
OpenGL 3 and DirectX 11 are both hot topics, but we explain why one of the two next-gen APIs is in a position to succeed and the other is struggling to keep its head above water.
-
DirectX 10 Shootout: Nvidia vs. ATI
It's truth time. The first DirectX 10 games have appeared. We ask the question: Which Nvidia Geforce 8x00 or ATI Radeon 2x00 card performs best under Vista?
-
CES 2007: Microsoft intros fancy gaming keyboard
The Reclusa gaming keyboard is yet another product that was born through the cooperation of the Redmond-company and Razer, a company that has specialized itself on developing gaming peripherals.
Best offers
|
Windows 7 Professional (Full Product) | $299.99 Dell Small Business More info |
|
Office 2007 Home and Student (Full... | $119.95 Newegg.com More info |
|
Windows 7 Home Premium (Upgrade) | $119.99 Dell Small Business More info |
|
Windows 7 Ultimate (Full Product) | $319.99 Dell Small Business More info |
|
Norton Internet Security 2010 - 3 Users | $69.99 Dell Small Business More info |
Troubleshooting Windows 7 With Microsoft's Built-In Tools
Windows 7 is more stable and responsive than Vista, but no operating system is perfect (the same goes for the drivers and apps running on it). We show you a suite of tools built into Microsoft’s shiny new OS to help you troubleshoot your Windows 7 issues. Read More
-
Quick Look: Notebook Performance With Windows XP, Vista, And 7
Windows 7 is here, and we've already established that it tastes great, is less filling, and performs well. But do you want it on your notebook? We compared the performance and battery life of Windows XP, Vista, and 7 on an upper-mainstream mobile system. Read More
-
Windows 7 And Windows Vista: Performance Compared
Microsoft is hyping Windows 7 as the operating system that everyone should adopt. We'd already done a bit of benchmarking in the new OS, but we revisit a longer list of tests today, including more real-world tasks, like boot-up, hibernate, and shutdown. Read More
- windows server 2008 gaming performance
- server 2008 open file security warning
- hosting web site in windows vista
- how to host web site on vista
- server 2008 based on server 2003
- how to host a site in windows vista
- directx for windows 2003
- vista windows local host file
- open file security warning disable server 2003
- what is the different between an exploit and vulnerability
Bing!
An exploit via Quicktime... software developed by Apple. I can't even imagine how exploitable their OS is...
Hitokage an exploit using direct show could be rebuild for several other applications that rely on direct show.
As Apple's don't use DirectX (sadly otherwise the platform might be worth it) this exploit wont fly on Apple machines.
In other words this comes down to microsoft software being exploited not quicktime.
Hmm. Maybe Microsoft is doing some sneaky anti-Apple stuff? o.O
Apple is trying to infect all Windows machines to make people switch to Macs lol
Just sounds like Microsoft wants you to buy one of their new OS.
Apple is trying to infect all Windows machines to make people switch to Macs lol
Or Microsoft trying to infect XP users to make them upgrade to Vista/Win 7!
Quicktime sprites are a pain in the ass. Download one with them and at playback they can open whatever infected website they want.
I thought it was Bling
Just sounds like Microsoft wants you to buy one of their new OS.
I agree, and all while putting the blame on Apple. What a brilliant scheme.
Haha, when Microsoft sucks, it's Microsoft. When Apple sucks, it's Microsoft. I see I see.
And when XP sucks... well... we just pretend XP doesn't suck.
If you have Quicktime installed on your computer, you deserve much more then getting virus, you also need to be shot.
Just sounds like Microsoft wants you to buy one of their new OS.
Sure....its not as though Windows 7 is available as a free download or anything, right?...
Mac software on the PC has always been horible. There is about as much quality control in their PC software as there is in your toilet. A lot like Adobe now that I think about it...
Just sounds like Microsoft wants you to buy one of their new OS.
By working on a patch to fix the problem? Darn that evil Microsoft, somehow forcing me to buy a new OS by continuing to support and patch my current OS!
Current investigations reveal that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are highly susceptible to an attack; Windows Vista and Windows Server 2008 are not vulnerable.
Keep telling me how bad Vista is, and continue using XP. Everyone who has used a computer for 10 years or more, cannot deny that XP Sucked at launch. Hope they patch the exploit before any XP users get infected.