NEWS FROM THE LAB - Monday, July 6, 2009

0-Day Vulnerability in DirectShow Posted by Sean @ 14:36 GMT

A 0-Day vulnerability that's being used to exploit Microsoft DirectShow has been discovered in the wild.

Drive-by attacks using thousands of compromised websites are reportedly involved.

SANS Internet Storm Center has details (including a killbit) in their Handler's Diary. There is not yet a Microsoft Advisory.

We detect the exploit as Exploit:W32/Agent.LBV.

The exploit targets Microsoft Internet Explorer… so one workaround is kind of obvious.

Use some other browser besides Internet Explorer until this vulnerability is patched.