Click Carefully: New DirectX Exploit in the Wild

Another remote hacker threat has arisen, and this time it affects popular streaming media tool DirectX. Microsoft announced yesterday that it is currently working on a fix for the security exploit, which could allow someone to take total control of a system by using malicious QuickTime video files.

DirectX Exploit: Affected Users

The exploit involves Microsoft's audio/video sourcing/rendering software DirectShow and the way it handles the QuickTime format files it supports.

Users of Windows 2000 Service Pack 4, Windows Server 2003, and Windows XP are those most affected and will want to keep on the lookout for Microsoft's patch when it becomes available.

Those running Windows Vista or Microsoft's Windows Server 2008 are lucky; the company has announced that these two systems are not vulnerable to attack. (Source: crn.com)

How Does The Attack Work?

Like many Internet schemes, the attack hinges on convincing a user to visit a malicious web site hosting the exploit. If the exploit is used successfully, a hacker could gain user rights at the same level as a system's rightful owner.

In a statement by its security advisory, Microsoft admitted that it was "aware of limited, active attacks that use this exploit code."

"If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data, or create new accounts with full user rights." (Source: cnet.com)

Workaround Available

Although Microsoft is still working on a more complete solution to the issue, it has released details for a workaround, which you can see by visiting the MS Knowledge base site:

http://support.microsoft.com/kb/971778