Microsoft DirectX Zero Day Vulnerability
An active exploitation of another zero-day vulnerability in Microsoft DirectShow has been detected. According to CSIS, attackers are currently using several thousand new compromised sites to spread malicious code that exploits a vulnerability in Microsoft DirectX.
SecurityLab has released a security notice available at: www.securitylab.ru/vulnerability/382197.php
Also in open access is an exploit:
www.securitylab.ru/poc/382196.php
')
As a workaround, we recommend disabling the vulnerable library:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet explorerActiveX Compatibility {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
“Compatibility Flags” = dword: 00000400
Source: https://habr.com/ru/post/63674/
All Articles