Monday, July 6, 2009
0-Day Vulnerability in DirectShow Posted by Sean @ 14:36 GMT

A 0-Day vulnerability that's being used to exploit Microsoft DirectShow has been discovered in the wild.

Drive-by attacks using thousands of compromised websites are reportedly involved.

SANS Internet Storm Center has details (including a killbit) in their Handler's Diary. There is not yet a Microsoft Advisory.

We detect the exploit as Exploit:W32/Agent.LBV.

The exploit targets Microsoft Internet Explorer… so one workaround is kind of obvious.

Use some other browser besides Internet Explorer until this vulnerability is patched.

<<< Bait Files
F-Secure ISTP and the 0-day Vulnerability in MSVIDCTL.DLL >>>