Stephen Withers
Friday, 29 May 2009 03:55
The first - and recommended - workaround involves deleting a registry key to disable QuickTime parsing in DirectShow. Microsoft has provided an automated process to make the job easy - you'll find it here. That same page also explains how to implement the change manually.
"This is the best workaround because it's the most surgical. It only disables QuickTime Parsing in DirectShow. DirectShow's other functionality is not affected," said Microsoft officials.
"This workaround covers all known attack vectors. Therefore, if you are not concerned about QuickTime content playback via DirectShow, this is the workaround we recommend you apply."
You can find the other two workarounds here.
Earlier this month, Microsoft released another security advisory concerning a privilege elevation vulnerability in Internet Information Services (IIS) 5.x and 6.0. IIS 7.0 is not affected.
That vulnerability involves IIS's WebDAV extension, which is not enabled by default on IIS 6.0. It also requires anonymous users to be given write access, which again is not the default on version 6.0.