Microsoft DirectX is dangerous
Microsoft reports a new vulnerability found in DirectShow , an API used in DirectX. An attacker could exploit the DirectShow parser vulnerability in QuickTime by creating a special video file and posting it either on a video hosting site or by sending the victim by mail. Microsoft also believes that at risk is all users who use various browser plugins to view DirectShow video files for codecs, without having to have QuickTime installed on the computer.
This problem is relevant for Windows 2000 Service Pack 4, Windows XP and Windows Server 2003, and users of Windows Vista and Windows Server 2008 do not fall under the “distribution”, since this component is missing in the new version of DirectX. The only piece of advice that Microsoft can give now is to force the shutdown of the parser in QuickTime .
This problem is relevant for Windows 2000 Service Pack 4, Windows XP and Windows Server 2003, and users of Windows Vista and Windows Server 2008 do not fall under the “distribution”, since this component is missing in the new version of DirectX. The only piece of advice that Microsoft can give now is to force the shutdown of the parser in QuickTime .
')
Source: https://habr.com/ru/post/60874/
All Articles